All of lore.kernel.org
 help / color / mirror / Atom feed
From: Vlastimil Babka <vbabka@suse.cz>
To: Wanpeng Li <liwanp@linux.vnet.ibm.com>,
	Motohiro Kosaki <Motohiro.Kosaki@us.fujitsu.com>
Cc: Bob Liu <bob.liu@oracle.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	"linux-mm@kvack.org" <linux-mm@kvack.org>,
	Michel Lespinasse <walken@google.com>,
	"npiggin@suse.de" <npiggin@suse.de>,
	Motohiro Kosaki JP <kosaki.motohiro@jp.fujitsu.com>,
	"riel@redhat.com" <riel@redhat.com>,
	Sasha Levin <sasha.levin@oracle.com>
Subject: Re: mm: kernel BUG at mm/mlock.c:82!
Date: Wed, 18 Dec 2013 10:21:30 +0100	[thread overview]
Message-ID: <52B1691A.4030703@suse.cz> (raw)
In-Reply-To: <52b10249.ea34b60a.1e6e.ffff9dc7SMTPIN_ADDED_BROKEN@mx.google.com>

On 12/18/2013 03:02 AM, Wanpeng Li wrote:
> Hi Motohiro,
> On Tue, Dec 17, 2013 at 08:32:49AM -0800, Motohiro Kosaki wrote:
>>
>>
>>> -----Original Message-----
>>> From: owner-linux-mm@kvack.org [mailto:owner-linux-mm@kvack.org] On
>>> Behalf Of Wanpeng Li
>>> Sent: Tuesday, December 17, 2013 3:27 AM
>>> To: Sasha Levin
>>> Cc: Bob Liu; Andrew Morton; linux-mm@kvack.org; Michel Lespinasse;
>>> npiggin@suse.de; Motohiro Kosaki JP; riel@redhat.com
>>> Subject: Re: mm: kernel BUG at mm/mlock.c:82!
>>>
>>> Hi Sasha,
>>> On Tue, Dec 17, 2013 at 01:46:54AM -0500, Sasha Levin wrote:
>>>> On 12/17/2013 12:39 AM, Bob Liu wrote:
>>>>> cc'd more people.
>>>>>
>>>>> On 12/17/2013 09:04 AM, Sasha Levin wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> While fuzzing with trinity inside a KVM tools guest running latest
>>>>>> -next kernel, I've stumbled on the following spew.
>>>>>>
>>>>>> Codewise, it's pretty straightforward. In try_to_unmap_cluster():
>>>>>>
>>>>>>                  page = vm_normal_page(vma, address, *pte);
>>>>>>                  BUG_ON(!page || PageAnon(page));
>>>>>>
>>>>>>                  if (locked_vma) {
>>>>>>                          mlock_vma_page(page);   /* no-op if already
>>>>>> mlocked */
>>>>>>                          if (page == check_page)
>>>>>>                                  ret = SWAP_MLOCK;
>>>>>>                          continue;       /* don't unmap */
>>>>>>                  }
>>>>>>
>>>>>> And the BUG triggers once we see that 'page' isn't locked.
>>>>>>
>>>>>
>>>>> Yes, I didn't see any place locked the corresponding page in
>>>>> try_to_unmap_cluster().
>>>>>
>>>>> I'm afraid adding lock_page() over there may cause potential deadlock.
>>>>> How about just remove the BUG_ON() in mlock_vma_page()?
>>>>
>>>> Welp, it's been there for 5 years now - there should be a good reason to
>>> justify removing it.
>>>>
>>>
>>> Page should be locked before invoke try_to_unmap(), this check can't be
>>> removed since this bug is just triggered by confirm !check page hold page
>>> lock in virtual scan during nolinear VMAs pages aging. Avoid to confirm !check
>>> page hold page lock is acceptable.
>>
>> That's a try_to_unmap()'s assumption and it already have  BUG_ON(!PageLocked(page)).
>> We can remove wrong BUG_ON from mlock_vma_page() simply. Mlock_vma_page() doesn't depend on page-locked.
>>
>
> There is a race between mlock_vma_page() and munlock_vma_page(). Both of
> them should hold page lock and have a BUG_ON assumption.

I think the atomic operations on PageMlocked prevent such races. Also 
these functions seem to be always called with mmap_sem held.

> Regards,
> Wanpeng Li
>
>>
>
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@kvack.org.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
>

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>

  parent reply	other threads:[~2013-12-18  9:21 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-12-17  1:04 mm: kernel BUG at mm/mlock.c:82! Sasha Levin
2013-12-17  5:39 ` Bob Liu
2013-12-17  6:46   ` Sasha Levin
2013-12-17  8:26     ` Wanpeng Li
2013-12-17 16:32       ` Motohiro Kosaki
2013-12-18  2:02         ` Wanpeng Li
2013-12-18  2:17           ` Bob Liu
2013-12-18  9:21           ` Vlastimil Babka [this message]
     [not found]         ` <20131218020239.GA16603@hacker.(null)>
2013-12-18 19:27           ` Motohiro Kosaki
2013-12-17  8:12 ` Wanpeng Li

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=52B1691A.4030703@suse.cz \
    --to=vbabka@suse.cz \
    --cc=Motohiro.Kosaki@us.fujitsu.com \
    --cc=akpm@linux-foundation.org \
    --cc=bob.liu@oracle.com \
    --cc=kosaki.motohiro@jp.fujitsu.com \
    --cc=linux-mm@kvack.org \
    --cc=liwanp@linux.vnet.ibm.com \
    --cc=npiggin@suse.de \
    --cc=riel@redhat.com \
    --cc=sasha.levin@oracle.com \
    --cc=walken@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.