From: Sasha Levin <sasha.levin@oracle.com>
To: Hugh Dickins <hughd@google.com>
Cc: Mel Gorman <mgorman@suse.de>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dave Jones <davej@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Cyrill Gorcunov <gorcunov@gmail.com>
Subject: Re: mm: BUG in unmap_page_range
Date: Wed, 10 Sep 2014 09:12:04 -0400 [thread overview]
Message-ID: <54104E24.5010402@oracle.com> (raw)
In-Reply-To: <alpine.LSU.2.11.1409091903390.10989@eggly.anvils>
On 09/09/2014 10:45 PM, Hugh Dickins wrote:
> Sasha, you say you're getting plenty of these now, but I've only seen
> the dump for one of them, on Aug26: please post a few more dumps, so
> that we can look for commonality.
I wasn't saving older logs for this issue so I only have 2 traces from
tonight. If that's not enough please let me know and I'll try to add
a few more.
[ 1125.600123] kernel BUG at include/asm-generic/pgtable.h:724!
[ 1125.600123] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 1125.600123] Dumping ftrace buffer:
[ 1125.600123] (ftrace buffer empty)
[ 1125.600123] Modules linked in:
[ 1125.600123] CPU: 16 PID: 11903 Comm: trinity-c517 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 1125.600123] task: ffff880661730000 ti: ffff880582c20000 task.ti: ffff880582c20000
[ 1125.600123] RIP: 0010:[<ffffffffa32e500a>] [<ffffffffa32e500a>] change_pte_range+0x4ea/0x4f0
[ 1125.600123] RSP: 0018:ffff880582c23d68 EFLAGS: 00010246
[ 1125.600123] RAX: 0000000936d9a900 RBX: 00007ffdb17c8000 RCX: 0000000000000100
[ 1125.600123] RDX: 0000000936d9a900 RSI: 00007ffdb17c8000 RDI: 0000000936d9a900
[ 1125.600123] RBP: ffff880582c23dc8 R08: ffff8802a8f2d400 R09: 0000000000b56000
[ 1125.600123] R10: 0000000000020201 R11: 0000000000000008 R12: ffff88004dd6ee40
[ 1125.600123] R13: 8000000000000025 R14: 00007ffdb1800000 R15: ffffc00000000fff
[ 1125.600123] FS: 00007ffdb6382700(0000) GS:ffff880278200000(0000) knlGS:0000000000000000
[ 1125.600123] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1125.600123] CR2: 00007ffdb617e60c CR3: 000000050ff12000 CR4: 00000000000006a0
[ 1125.600123] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1125.600123] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1125.600123] Stack:
[ 1125.600123] 0000000000000001 0000000936d9a900 0000000000000046 ffff8804bd549f40
[ 1125.600123] 000000001f989000 ffff8802a8f2d400 ffff88051f989000 00007f9f40604cfdb1ac8000
[ 1125.600123] ffff88032fcc3c58 00007ffdb16df000 00007ffdb16df000 00007ffdb1800000
[ 1125.600123] Call Trace:
[ 1125.600123] [<ffffffffa32e52c4>] change_protection+0x2b4/0x4e0
[ 1125.600123] [<ffffffffa32fefdb>] change_prot_numa+0x1b/0x40
[ 1125.600123] [<ffffffffa31add86>] task_numa_work+0x1f6/0x330
[ 1125.600123] [<ffffffffa3193d84>] task_work_run+0xc4/0xf0
[ 1125.600123] [<ffffffffa3071477>] do_notify_resume+0x97/0xb0
[ 1125.600123] [<ffffffffa650daea>] int_signal+0x12/0x17
[ 1125.600123] Code: 66 90 48 8b 7d b8 e8 f6 75 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 1125.600123] RIP [<ffffffffa32e500a>] change_pte_range+0x4ea/0x4f0
[ 1125.600123] RSP <ffff880582c23d68>
[ 3131.084176] kernel BUG at include/asm-generic/pgtable.h:724!
[ 3131.087358] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3131.090143] Dumping ftrace buffer:
[ 3131.090143] (ftrace buffer empty)
[ 3131.090143] Modules linked in:
[ 3131.090143] CPU: 8 PID: 20595 Comm: trinity-c34 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 3131.090143] task: ffff8801ded60000 ti: ffff8803204ec000 task.ti: ffff8803204ec000
[ 3131.090143] RIP: 0010:[<ffffffffa72e500a>] [<ffffffffa72e500a>] change_pte_range+0x4ea/0x4f0
[ 3131.090143] RSP: 0000:ffff8803204efd68 EFLAGS: 00010246
[ 3131.090143] RAX: 0000000971bba900 RBX: 00007ffda1d4d000 RCX: 0000000000000100
[ 3131.090143] RDX: 0000000971bba900 RSI: 00007ffda1d4d000 RDI: 0000000971bba900
[ 3131.120281] RBP: ffff8803204efdc8 R08: ffff88026bed8800 R09: 0000000000b48000
[ 3131.120281] R10: 0000000000076501 R11: 0000000000000008 R12: ffff8801ca071a68
[ 3131.120281] R13: 8000000000000025 R14: 00007ffda1dbf000 R15: ffffc00000000fff
[ 3131.120281] FS: 00007ffda5cd4700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
[ 3131.120281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3131.120281] CR2: 00000000025d6000 CR3: 00000004bcde2000 CR4: 00000000000006a0
[ 3131.120281] Stack:
[ 3131.120281] 0000000000000001 0000000971bba900 000000000000005c ffff8800661a7b60
[ 3131.120281] 00000000f4953000 ffff88026bed8800 ffff8801f4953000 00007ffda1dbf000
[ 3131.120281] ffff8802b3319870 00007ffda1c1b000 00007ffda1c1b000 00007ffda1dbf000
[ 3131.120281] Call Trace:
[ 3131.120281] [<ffffffffa72e52c4>] change_protection+0x2b4/0x4e0
[ 3131.120281] [<ffffffffa72fefdb>] change_prot_numa+0x1b/0x40
[ 3131.120281] [<ffffffffa71add86>] task_numa_work+0x1f6/0x330
[ 3131.120281] [<ffffffffa7193d84>] task_work_run+0xc4/0xf0
[ 3131.120281] [<ffffffffa7071477>] do_notify_resume+0x97/0xb0
[ 3131.120281] [<ffffffffaa50e6ae>] retint_signal+0x4d/0x9f
[ 3131.120281] Code: 66 90 48 8b 7d b8 e8 f6 75 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 3131.120281] RIP [<ffffffffa72e500a>] change_pte_range+0x4ea/0x4f0
[ 3131.120281] RSP <ffff8803204efd68>
> And please attach a disassembly of change_protection_range() (noting
> which of the dumps it corresponds to, in case it has changed around):
> "Code" just shows a cluster of ud2s for the unlikely bugs at end of the
> function, we cannot tell at all what should be in the registers by then.
change_protection_range() got inlined into change_protection(), it applies to
both traces above:
00000000000004f0 <change_protection>:
4f0: e8 00 00 00 00 callq 4f5 <change_protection+0x5>
4f1: R_X86_64_PC32 __fentry__-0x4
4f5: 55 push %rbp
4f6: 48 89 e5 mov %rsp,%rbp
4f9: 41 57 push %r15
4fb: 49 89 d7 mov %rdx,%r15
4fe: 41 56 push %r14
500: 41 55 push %r13
502: 41 54 push %r12
504: 53 push %rbx
505: 48 81 ec 98 00 00 00 sub $0x98,%rsp
50c: 48 89 7d c8 mov %rdi,-0x38(%rbp)
510: 48 89 75 c0 mov %rsi,-0x40(%rbp)
514: 48 89 4d b8 mov %rcx,-0x48(%rbp)
518: 44 89 45 98 mov %r8d,-0x68(%rbp)
51c: 44 89 4d 9c mov %r9d,-0x64(%rbp)
520: f6 47 52 40 testb $0x40,0x52(%rdi)
524: 0f 85 96 03 00 00 jne 8c0 <change_protection+0x3d0>
52a: 48 8b 45 c8 mov -0x38(%rbp),%rax
52e: 48 8b 40 40 mov 0x40(%rax),%rax
532: 48 89 45 80 mov %rax,-0x80(%rbp)
536: 48 39 55 c0 cmp %rdx,-0x40(%rbp)
53a: 0f 83 40 04 00 00 jae 980 <change_protection+0x490>
540: 4c 8b 5d c0 mov -0x40(%rbp),%r11
544: 48 8b 4d 80 mov -0x80(%rbp),%rcx
548: 4c 89 d8 mov %r11,%rax
54b: 48 c1 e8 24 shr $0x24,%rax
54f: c6 81 dc 08 00 00 01 movb $0x1,0x8dc(%rcx)
556: 25 f8 0f 00 00 and $0xff8,%eax
55b: 48 03 41 40 add 0x40(%rcx),%rax
55f: 48 8d 52 ff lea -0x1(%rdx),%rdx
563: 4c 89 7d d0 mov %r15,-0x30(%rbp)
567: 49 89 c7 mov %rax,%r15
56a: 48 89 55 b0 mov %rdx,-0x50(%rbp)
56e: 48 c7 45 a8 00 00 00 movq $0x0,-0x58(%rbp)
575: 00
576: 48 b8 00 00 00 00 80 movabs $0x8000000000,%rax
57d: 00 00 00
580: 49 8b 3f mov (%r15),%rdi
583: 49 bd 00 00 00 00 80 movabs $0xffffff8000000000,%r13
58a: ff ff ff
58d: 4c 01 d8 add %r11,%rax
590: 49 21 c5 and %rax,%r13
593: 49 8d 45 ff lea -0x1(%r13),%rax
597: 48 3b 45 b0 cmp -0x50(%rbp),%rax
59b: 4c 0f 43 6d d0 cmovae -0x30(%rbp),%r13
5a0: 48 85 ff test %rdi,%rdi
5a3: 0f 84 2f 02 00 00 je 7d8 <change_protection+0x2e8>
5a9: 48 b8 fb 0f 00 00 00 movabs $0xffffc00000000ffb,%rax
5b0: c0 ff ff
5b3: 48 21 f8 and %rdi,%rax
5b6: 48 83 f8 63 cmp $0x63,%rax
5ba: 0f 85 98 03 00 00 jne 958 <change_protection+0x468>
5c0: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 5c8 <change_protection+0xd8>
5c7: 00
5c3: R_X86_64_PC32 pv_mmu_ops+0xf3
5c8: 0f 84 d2 03 00 00 je 9a0 <change_protection+0x4b0>
5ce: ff 14 25 00 00 00 00 callq *0x0
5d1: R_X86_64_32S pv_mmu_ops+0xf8
5d5: 4c 89 df mov %r11,%rdi
5d8: 4d 89 ea mov %r13,%r10
5db: 4c 89 bd 60 ff ff ff mov %r15,-0xa0(%rbp)
5e2: 48 ba 00 f0 ff ff ff movabs $0x3ffffffff000,%rdx
5e9: 3f 00 00
5ec: 48 c1 ef 1b shr $0x1b,%rdi
5f0: 48 21 d0 and %rdx,%rax
5f3: 48 be 00 00 00 00 00 movabs $0xffff880000000000,%rsi
5fa: 88 ff ff
5fd: 48 c7 85 68 ff ff ff movq $0x0,-0x98(%rbp)
604: 00 00 00 00
608: 81 e7 f8 0f 00 00 and $0xff8,%edi
60e: 48 89 95 70 ff ff ff mov %rdx,-0x90(%rbp)
615: 48 01 f7 add %rsi,%rdi
618: 4c 8d 34 07 lea (%rdi,%rax,1),%r14
61c: 49 8d 45 ff lea -0x1(%r13),%rax
620: 4d 89 f5 mov %r14,%r13
623: 4d 89 de mov %r11,%r14
626: 48 89 45 a0 mov %rax,-0x60(%rbp)
62a: 49 8d 9e 00 00 00 40 lea 0x40000000(%r14),%rbx
631: 49 8b 7d 00 mov 0x0(%r13),%rdi
635: 48 81 e3 00 00 00 c0 and $0xffffffffc0000000,%rbx
63c: 48 8d 43 ff lea -0x1(%rbx),%rax
640: 48 3b 45 a0 cmp -0x60(%rbp),%rax
644: 49 0f 43 da cmovae %r10,%rbx
648: 48 85 ff test %rdi,%rdi
64b: 0f 84 ff 01 00 00 je 850 <change_protection+0x360>
651: 48 b8 98 0f 00 00 00 movabs $0xffffc00000000f98,%rax
658: c0 ff ff
65b: 48 85 c7 test %rax,%rdi
65e: 0f 85 04 03 00 00 jne 968 <change_protection+0x478>
664: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 66c <change_protection+0x17c>
66b: 00
667: R_X86_64_PC32 pv_mmu_ops+0x11b
66c: 0f 84 4e 03 00 00 je 9c0 <change_protection+0x4d0>
672: 48 8b 45 c8 mov -0x38(%rbp),%rax
676: 48 8b 40 40 mov 0x40(%rax),%rax
67a: 48 89 85 78 ff ff ff mov %rax,-0x88(%rbp)
681: ff 14 25 00 00 00 00 callq *0x0
684: R_X86_64_32S pv_mmu_ops+0x120
688: 48 23 85 70 ff ff ff and -0x90(%rbp),%rax
68f: 4d 89 f4 mov %r14,%r12
692: 45 31 db xor %r11d,%r11d
695: 4c 89 ad 48 ff ff ff mov %r13,-0xb8(%rbp)
69c: 49 c1 ec 12 shr $0x12,%r12
6a0: 48 c7 45 88 00 00 00 movq $0x0,-0x78(%rbp)
6a7: 00
6a8: 4d 89 dd mov %r11,%r13
6ab: 41 81 e4 f8 0f 00 00 and $0xff8,%r12d
6b2: 4c 89 95 50 ff ff ff mov %r10,-0xb0(%rbp)
6b9: 48 ba 00 00 00 00 00 movabs $0xffff880000000000,%rdx
6c0: 88 ff ff
6c3: 48 c7 85 58 ff ff ff movq $0x0,-0xa8(%rbp)
6ca: 00 00 00 00
6ce: 49 01 d4 add %rdx,%r12
6d1: 49 01 c4 add %rax,%r12
6d4: 48 8d 43 ff lea -0x1(%rbx),%rax
6d8: 48 89 45 90 mov %rax,-0x70(%rbp)
6dc: 4d 8d be 00 00 20 00 lea 0x200000(%r14),%r15
6e3: 49 8b 3c 24 mov (%r12),%rdi
6e7: 49 81 e7 00 00 e0 ff and $0xffffffffffe00000,%r15
6ee: 49 8d 47 ff lea -0x1(%r15),%rax
6f2: 48 3b 45 90 cmp -0x70(%rbp),%rax
6f6: 4c 0f 43 fb cmovae %rbx,%r15
6fa: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 702 <change_protection+0x212>
701: 00
6fd: R_X86_64_PC32 pv_mmu_ops+0x10b
702: 0f 84 60 01 00 00 je 868 <change_protection+0x378>
708: ff 14 25 00 00 00 00 callq *0x0
70b: R_X86_64_32S pv_mmu_ops+0x110
70f: a8 80 test $0x80,%al
711: 0f 84 59 01 00 00 je 870 <change_protection+0x380>
717: 4d 85 ed test %r13,%r13
71a: 75 18 jne 734 <change_protection+0x244>
71c: 48 8b 85 78 ff ff ff mov -0x88(%rbp),%rax
723: 4d 89 f5 mov %r14,%r13
726: 48 83 b8 c0 04 00 00 cmpq $0x0,0x4c0(%rax)
72d: 00
72e: 0f 85 54 02 00 00 jne 988 <change_protection+0x498>
734: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 73c <change_protection+0x24c>
73b: 00
737: R_X86_64_PC32 pv_mmu_ops+0x10b
73c: 49 8b 3c 24 mov (%r12),%rdi
740: 0f 84 22 01 00 00 je 868 <change_protection+0x378>
746: ff 14 25 00 00 00 00 callq *0x0
749: R_X86_64_32S pv_mmu_ops+0x110
74d: a8 80 test $0x80,%al
74f: 74 33 je 784 <change_protection+0x294>
751: 4c 89 f8 mov %r15,%rax
754: 4c 29 f0 sub %r14,%rax
757: 48 3d 00 00 20 00 cmp $0x200000,%rax
75d: 0f 84 7d 01 00 00 je 8e0 <change_protection+0x3f0>
763: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 76b <change_protection+0x27b>
76a: 00
766: R_X86_64_PC32 pv_mmu_ops+0x10b
76b: 49 8b 3c 24 mov (%r12),%rdi
76f: 0f 84 f3 00 00 00 je 868 <change_protection+0x378>
775: ff 14 25 00 00 00 00 callq *0x0
778: R_X86_64_32S pv_mmu_ops+0x110
77c: a8 80 test $0x80,%al
77e: 0f 85 24 02 00 00 jne 9a8 <change_protection+0x4b8>
784: 8b 45 9c mov -0x64(%rbp),%eax
787: 4c 89 f9 mov %r15,%rcx
78a: 4c 89 f2 mov %r14,%rdx
78d: 4c 89 e6 mov %r12,%rsi
790: 44 8b 4d 98 mov -0x68(%rbp),%r9d
794: 4c 8b 45 b8 mov -0x48(%rbp),%r8
798: 48 8b 7d c8 mov -0x38(%rbp),%rdi
79c: 89 04 24 mov %eax,(%rsp)
79f: e8 5c f8 ff ff callq 0 <change_pte_range>
7a4: 48 01 45 88 add %rax,-0x78(%rbp)
7a8: 49 83 c4 08 add $0x8,%r12
7ac: 4c 39 fb cmp %r15,%rbx
7af: 74 3f je 7f0 <change_protection+0x300>
7b1: 4d 89 fe mov %r15,%r14
7b4: e9 23 ff ff ff jmpq 6dc <change_protection+0x1ec>
7b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
7c0: 48 8b b5 68 ff ff ff mov -0x98(%rbp),%rsi
7c7: 4d 89 d5 mov %r10,%r13
7ca: 4c 8b bd 60 ff ff ff mov -0xa0(%rbp),%r15
7d1: 48 01 75 a8 add %rsi,-0x58(%rbp)
7d5: 0f 1f 00 nopl (%rax)
7d8: 49 83 c7 08 add $0x8,%r15
7dc: 4c 39 6d d0 cmp %r13,-0x30(%rbp)
7e0: 0f 84 3a 01 00 00 je 920 <change_protection+0x430>
7e6: 4d 89 eb mov %r13,%r11
7e9: e9 88 fd ff ff jmpq 576 <change_protection+0x86>
7ee: 66 90 xchg %ax,%ax
7f0: 4d 89 eb mov %r13,%r11
7f3: 4c 8b 95 50 ff ff ff mov -0xb0(%rbp),%r10
7fa: 4c 8b ad 48 ff ff ff mov -0xb8(%rbp),%r13
801: 4d 85 db test %r11,%r11
804: 74 2a je 830 <change_protection+0x340>
806: 48 8b 85 78 ff ff ff mov -0x88(%rbp),%rax
80d: 48 83 b8 c0 04 00 00 cmpq $0x0,0x4c0(%rax)
814: 00
815: 74 19 je 830 <change_protection+0x340>
817: 48 89 da mov %rbx,%rdx
81a: 4c 89 de mov %r11,%rsi
81d: 48 89 c7 mov %rax,%rdi
820: 4c 89 55 90 mov %r10,-0x70(%rbp)
824: e8 00 00 00 00 callq 829 <change_protection+0x339>
825: R_X86_64_PC32 __mmu_notifier_invalidate_range_end-0x4
829: 4c 8b 55 90 mov -0x70(%rbp),%r10
82d: 0f 1f 00 nopl (%rax)
830: 48 8b 85 58 ff ff ff mov -0xa8(%rbp),%rax
837: 48 85 c0 test %rax,%rax
83a: 74 09 je 845 <change_protection+0x355>
83c: 65 48 01 04 25 00 00 add %rax,%gs:0x0
843: 00 00
841: R_X86_64_32S vm_event_states+0x170
845: 48 8b 75 88 mov -0x78(%rbp),%rsi
849: 48 01 b5 68 ff ff ff add %rsi,-0x98(%rbp)
850: 49 83 c5 08 add $0x8,%r13
854: 49 39 da cmp %rbx,%r10
857: 0f 84 63 ff ff ff je 7c0 <change_protection+0x2d0>
85d: 49 89 de mov %rbx,%r14
860: e9 c5 fd ff ff jmpq 62a <change_protection+0x13a>
865: 0f 1f 00 nopl (%rax)
868: 0f 0b ud2
86a: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
870: 49 8b 04 24 mov (%r12),%rax
874: 48 85 c0 test %rax,%rax
877: 0f 84 2b ff ff ff je 7a8 <change_protection+0x2b8>
87d: 48 89 c2 mov %rax,%rdx
880: 81 e2 01 02 00 00 and $0x201,%edx
886: 48 81 fa 00 02 00 00 cmp $0x200,%rdx
88d: 0f 84 84 fe ff ff je 717 <change_protection+0x227>
893: 48 be fb 0f 00 00 00 movabs $0xffffc00000000ffb,%rsi
89a: c0 ff ff
89d: 48 21 f0 and %rsi,%rax
8a0: 48 83 f8 63 cmp $0x63,%rax
8a4: 0f 84 6d fe ff ff je 717 <change_protection+0x227>
8aa: 4c 89 e7 mov %r12,%rdi
8ad: e8 00 00 00 00 callq 8b2 <change_protection+0x3c2>
8ae: R_X86_64_PC32 pmd_clear_bad-0x4
8b2: e9 f1 fe ff ff jmpq 7a8 <change_protection+0x2b8>
8b7: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
8be: 00 00
8c0: e8 00 00 00 00 callq 8c5 <change_protection+0x3d5>
8c1: R_X86_64_PC32 hugetlb_change_protection-0x4
8c5: 48 89 45 a8 mov %rax,-0x58(%rbp)
8c9: 48 8b 45 a8 mov -0x58(%rbp),%rax
8cd: 48 81 c4 98 00 00 00 add $0x98,%rsp
8d4: 5b pop %rbx
8d5: 41 5c pop %r12
8d7: 41 5d pop %r13
8d9: 41 5e pop %r14
8db: 41 5f pop %r15
8dd: 5d pop %rbp
8de: c3 retq
8df: 90 nop
8e0: 44 8b 45 9c mov -0x64(%rbp),%r8d
8e4: 4c 89 f2 mov %r14,%rdx
8e7: 4c 89 e6 mov %r12,%rsi
8ea: 48 8b 4d b8 mov -0x48(%rbp),%rcx
8ee: 48 8b 7d c8 mov -0x38(%rbp),%rdi
8f2: e8 00 00 00 00 callq 8f7 <change_protection+0x407>
8f3: R_X86_64_PC32 change_huge_pmd-0x4
8f7: 85 c0 test %eax,%eax
8f9: 0f 84 85 fe ff ff je 784 <change_protection+0x294>
8ff: 3d 00 02 00 00 cmp $0x200,%eax
904: 0f 85 9e fe ff ff jne 7a8 <change_protection+0x2b8>
90a: 48 81 45 88 00 02 00 addq $0x200,-0x78(%rbp)
911: 00
912: 48 83 85 58 ff ff ff addq $0x1,-0xa8(%rbp)
919: 01
91a: e9 89 fe ff ff jmpq 7a8 <change_protection+0x2b8>
91f: 90 nop
920: 48 83 7d a8 00 cmpq $0x0,-0x58(%rbp)
925: 4c 8b 7d d0 mov -0x30(%rbp),%r15
929: 74 18 je 943 <change_protection+0x453>
92b: 48 8b 45 c8 mov -0x38(%rbp),%rax
92f: 4c 89 fa mov %r15,%rdx
932: 48 8b 75 c0 mov -0x40(%rbp),%rsi
936: 48 8b 48 50 mov 0x50(%rax),%rcx
93a: 48 8b 78 40 mov 0x40(%rax),%rdi
93e: e8 00 00 00 00 callq 943 <change_protection+0x453>
93f: R_X86_64_PC32 flush_tlb_mm_range-0x4
943: 48 8b 45 80 mov -0x80(%rbp),%rax
947: c6 80 dc 08 00 00 00 movb $0x0,0x8dc(%rax)
94e: e9 76 ff ff ff jmpq 8c9 <change_protection+0x3d9>
953: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
958: 4c 89 ff mov %r15,%rdi
95b: e8 00 00 00 00 callq 960 <change_protection+0x470>
95c: R_X86_64_PC32 pgd_clear_bad-0x4
960: e9 73 fe ff ff jmpq 7d8 <change_protection+0x2e8>
965: 0f 1f 00 nopl (%rax)
968: 4c 89 ef mov %r13,%rdi
96b: 4c 89 55 90 mov %r10,-0x70(%rbp)
96f: e8 00 00 00 00 callq 974 <change_protection+0x484>
970: R_X86_64_PC32 pud_clear_bad-0x4
974: 4c 8b 55 90 mov -0x70(%rbp),%r10
978: e9 d3 fe ff ff jmpq 850 <change_protection+0x360>
97d: 0f 1f 00 nopl (%rax)
980: 0f 0b ud2
982: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
988: 48 89 da mov %rbx,%rdx
98b: 4c 89 f6 mov %r14,%rsi
98e: 48 89 c7 mov %rax,%rdi
991: e8 00 00 00 00 callq 996 <change_protection+0x4a6>
992: R_X86_64_PC32 __mmu_notifier_invalidate_range_start-0x4
996: e9 99 fd ff ff jmpq 734 <change_protection+0x244>
99b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
9a0: 0f 0b ud2
9a2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
9a8: 48 8b 7d c8 mov -0x38(%rbp),%rdi
9ac: 4c 89 e2 mov %r12,%rdx
9af: 4c 89 f6 mov %r14,%rsi
9b2: e8 00 00 00 00 callq 9b7 <change_protection+0x4c7>
9b3: R_X86_64_PC32 __split_huge_page_pmd-0x4
9b7: e9 c8 fd ff ff jmpq 784 <change_protection+0x294>
9bc: 0f 1f 40 00 nopl 0x0(%rax)
9c0: 0f 0b ud2
9c2: 66 66 66 66 66 2e 0f data32 data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
9c9: 1f 84 00 00 00 00 00
> I've been rather assuming that the 9d340902 seen in many of the
> registers in that Aug26 dump is the pte val in question: that's
> SOFT_DIRTY|PROTNONE|RW.
>
> I think RW on PROTNONE is unusual but not impossible (migration entry
> replacement racing with mprotect setting PROT_NONE, after it's updated
> vm_page_prot, before it's reached the page table). But exciting though
> that line of thought is, I cannot actually bring it to a pte_mknuma bug,
> or any bug at all.
>
> Mel, no way can it be the cause of this bug - unless Sasha's later
> traces actually show a different stack - but I don't see the call
> to change_prot_numa() from queue_pages_range() sharing the same
> avoidance of PROT_NONE that task_numa_work() has (though it does
> have an outdated comment about PROT_NONE which should be removed).
> So I think that site probably does need PROT_NONE checking added.
I've spotted a new trace in overnight fuzzing, it could be related to this issue:
[ 3494.324839] general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3494.332153] Dumping ftrace buffer:
[ 3494.332153] (ftrace buffer empty)
[ 3494.332153] Modules linked in:
[ 3494.332153] CPU: 8 PID: 2727 Comm: trinity-c929 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 3494.332153] task: ffff88047e52b000 ti: ffff8804d491c000 task.ti: ffff8804d491c000
[ 3494.332153] RIP: task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
[ 3494.332153] RSP: 0000:ffff8804d491feb8 EFLAGS: 00010206
[ 3494.332153] RAX: 0000000000000000 RBX: ffff8804bf4e8000 RCX: 000000000000e8e8
[ 3494.343974] RDX: 000000000000000a RSI: 0000000000000000 RDI: ffff8804bd6d4da8
[ 3494.343974] RBP: ffff8804d491fef8 R08: ffff8804bf4e84c8 R09: 0000000000000000
[ 3494.343974] R10: 00007f53e443c000 R11: 0000000000000001 R12: 00007f53e443c000
[ 3494.343974] R13: 000000000000dc51 R14: 006f732e61727478 R15: ffff88047e52b000
[ 3494.343974] FS: 00007f53e463f700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
[ 3494.343974] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 3494.369895] CR2: 0000000001670fa8 CR3: 0000000283562000 CR4: 00000000000006a0
[ 3494.369895] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3494.369895] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 3494.380081] Stack:
[ 3494.380081] ffff8804bf4e80a8 0000000000000014 00007f53e4437000 0000000000000000
[ 3494.380081] ffffffff9b976e70 ffff88047e52bbd8 ffff88047e52b000 0000000000000000
[ 3494.380081] ffff8804d491ff28 ffffffff95193d84 0000000000000002 ffff8804d491ff58
[ 3494.380081] Call Trace:
[ 3494.380081] task_work_run (kernel/task_work.c:125 (discriminator 1))
[ 3494.380081] do_notify_resume (include/linux/tracehook.h:190 arch/x86/kernel/signal.c:758)
[ 3494.380081] retint_signal (arch/x86/kernel/entry_64.S:918)
[ 3494.380081] Code: e8 1e e5 01 00 48 89 df 4c 89 e6 e8 a3 2d 13 00 49 89 c6 48 85 c0 0f 84 07 02 00 00 48 c7 45 c8 00 00 00 00 0f 1f 80 00 00 00 00 <49> f7 46 50 00 44 00 00 0f 85 42 01 00 00 49 8b 86 a0 00 00 00
All code
========
0: e8 1e e5 01 00 callq 0x1e523
5: 48 89 df mov %rbx,%rdi
8: 4c 89 e6 mov %r12,%rsi
b: e8 a3 2d 13 00 callq 0x132db3
10: 49 89 c6 mov %rax,%r14
13: 48 85 c0 test %rax,%rax
16: 0f 84 07 02 00 00 je 0x223
1c: 48 c7 45 c8 00 00 00 movq $0x0,-0x38(%rbp)
23: 00
24: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
2b:* 49 f7 46 50 00 44 00 testq $0x4400,0x50(%r14) <-- trapping instruction
32: 00
33: 0f 85 42 01 00 00 jne 0x17b
39: 49 8b 86 a0 00 00 00 mov 0xa0(%r14),%rax
...
Code starting with the faulting instruction
===========================================
0: 49 f7 46 50 00 44 00 testq $0x4400,0x50(%r14)
7: 00
8: 0f 85 42 01 00 00 jne 0x150
e: 49 8b 86 a0 00 00 00 mov 0xa0(%r14),%rax
...
[ 3494.380081] RIP task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
[ 3494.380081] RSP <ffff8804d491feb8>
Thanks,
Sasha
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sasha.levin@oracle.com>
To: Hugh Dickins <hughd@google.com>
Cc: Mel Gorman <mgorman@suse.de>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dave Jones <davej@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Cyrill Gorcunov <gorcunov@gmail.com>
Subject: Re: mm: BUG in unmap_page_range
Date: Wed, 10 Sep 2014 09:12:04 -0400 [thread overview]
Message-ID: <54104E24.5010402@oracle.com> (raw)
In-Reply-To: <alpine.LSU.2.11.1409091903390.10989@eggly.anvils>
On 09/09/2014 10:45 PM, Hugh Dickins wrote:
> Sasha, you say you're getting plenty of these now, but I've only seen
> the dump for one of them, on Aug26: please post a few more dumps, so
> that we can look for commonality.
I wasn't saving older logs for this issue so I only have 2 traces from
tonight. If that's not enough please let me know and I'll try to add
a few more.
[ 1125.600123] kernel BUG at include/asm-generic/pgtable.h:724!
[ 1125.600123] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 1125.600123] Dumping ftrace buffer:
[ 1125.600123] (ftrace buffer empty)
[ 1125.600123] Modules linked in:
[ 1125.600123] CPU: 16 PID: 11903 Comm: trinity-c517 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 1125.600123] task: ffff880661730000 ti: ffff880582c20000 task.ti: ffff880582c20000
[ 1125.600123] RIP: 0010:[<ffffffffa32e500a>] [<ffffffffa32e500a>] change_pte_range+0x4ea/0x4f0
[ 1125.600123] RSP: 0018:ffff880582c23d68 EFLAGS: 00010246
[ 1125.600123] RAX: 0000000936d9a900 RBX: 00007ffdb17c8000 RCX: 0000000000000100
[ 1125.600123] RDX: 0000000936d9a900 RSI: 00007ffdb17c8000 RDI: 0000000936d9a900
[ 1125.600123] RBP: ffff880582c23dc8 R08: ffff8802a8f2d400 R09: 0000000000b56000
[ 1125.600123] R10: 0000000000020201 R11: 0000000000000008 R12: ffff88004dd6ee40
[ 1125.600123] R13: 8000000000000025 R14: 00007ffdb1800000 R15: ffffc00000000fff
[ 1125.600123] FS: 00007ffdb6382700(0000) GS:ffff880278200000(0000) knlGS:0000000000000000
[ 1125.600123] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1125.600123] CR2: 00007ffdb617e60c CR3: 000000050ff12000 CR4: 00000000000006a0
[ 1125.600123] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1125.600123] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1125.600123] Stack:
[ 1125.600123] 0000000000000001 0000000936d9a900 0000000000000046 ffff8804bd549f40
[ 1125.600123] 000000001f989000 ffff8802a8f2d400 ffff88051f989000 00007f9f40604cfdb1ac8000
[ 1125.600123] ffff88032fcc3c58 00007ffdb16df000 00007ffdb16df000 00007ffdb1800000
[ 1125.600123] Call Trace:
[ 1125.600123] [<ffffffffa32e52c4>] change_protection+0x2b4/0x4e0
[ 1125.600123] [<ffffffffa32fefdb>] change_prot_numa+0x1b/0x40
[ 1125.600123] [<ffffffffa31add86>] task_numa_work+0x1f6/0x330
[ 1125.600123] [<ffffffffa3193d84>] task_work_run+0xc4/0xf0
[ 1125.600123] [<ffffffffa3071477>] do_notify_resume+0x97/0xb0
[ 1125.600123] [<ffffffffa650daea>] int_signal+0x12/0x17
[ 1125.600123] Code: 66 90 48 8b 7d b8 e8 f6 75 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 1125.600123] RIP [<ffffffffa32e500a>] change_pte_range+0x4ea/0x4f0
[ 1125.600123] RSP <ffff880582c23d68>
[ 3131.084176] kernel BUG at include/asm-generic/pgtable.h:724!
[ 3131.087358] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3131.090143] Dumping ftrace buffer:
[ 3131.090143] (ftrace buffer empty)
[ 3131.090143] Modules linked in:
[ 3131.090143] CPU: 8 PID: 20595 Comm: trinity-c34 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 3131.090143] task: ffff8801ded60000 ti: ffff8803204ec000 task.ti: ffff8803204ec000
[ 3131.090143] RIP: 0010:[<ffffffffa72e500a>] [<ffffffffa72e500a>] change_pte_range+0x4ea/0x4f0
[ 3131.090143] RSP: 0000:ffff8803204efd68 EFLAGS: 00010246
[ 3131.090143] RAX: 0000000971bba900 RBX: 00007ffda1d4d000 RCX: 0000000000000100
[ 3131.090143] RDX: 0000000971bba900 RSI: 00007ffda1d4d000 RDI: 0000000971bba900
[ 3131.120281] RBP: ffff8803204efdc8 R08: ffff88026bed8800 R09: 0000000000b48000
[ 3131.120281] R10: 0000000000076501 R11: 0000000000000008 R12: ffff8801ca071a68
[ 3131.120281] R13: 8000000000000025 R14: 00007ffda1dbf000 R15: ffffc00000000fff
[ 3131.120281] FS: 00007ffda5cd4700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
[ 3131.120281] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3131.120281] CR2: 00000000025d6000 CR3: 00000004bcde2000 CR4: 00000000000006a0
[ 3131.120281] Stack:
[ 3131.120281] 0000000000000001 0000000971bba900 000000000000005c ffff8800661a7b60
[ 3131.120281] 00000000f4953000 ffff88026bed8800 ffff8801f4953000 00007ffda1dbf000
[ 3131.120281] ffff8802b3319870 00007ffda1c1b000 00007ffda1c1b000 00007ffda1dbf000
[ 3131.120281] Call Trace:
[ 3131.120281] [<ffffffffa72e52c4>] change_protection+0x2b4/0x4e0
[ 3131.120281] [<ffffffffa72fefdb>] change_prot_numa+0x1b/0x40
[ 3131.120281] [<ffffffffa71add86>] task_numa_work+0x1f6/0x330
[ 3131.120281] [<ffffffffa7193d84>] task_work_run+0xc4/0xf0
[ 3131.120281] [<ffffffffa7071477>] do_notify_resume+0x97/0xb0
[ 3131.120281] [<ffffffffaa50e6ae>] retint_signal+0x4d/0x9f
[ 3131.120281] Code: 66 90 48 8b 7d b8 e8 f6 75 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 3131.120281] RIP [<ffffffffa72e500a>] change_pte_range+0x4ea/0x4f0
[ 3131.120281] RSP <ffff8803204efd68>
> And please attach a disassembly of change_protection_range() (noting
> which of the dumps it corresponds to, in case it has changed around):
> "Code" just shows a cluster of ud2s for the unlikely bugs at end of the
> function, we cannot tell at all what should be in the registers by then.
change_protection_range() got inlined into change_protection(), it applies to
both traces above:
00000000000004f0 <change_protection>:
4f0: e8 00 00 00 00 callq 4f5 <change_protection+0x5>
4f1: R_X86_64_PC32 __fentry__-0x4
4f5: 55 push %rbp
4f6: 48 89 e5 mov %rsp,%rbp
4f9: 41 57 push %r15
4fb: 49 89 d7 mov %rdx,%r15
4fe: 41 56 push %r14
500: 41 55 push %r13
502: 41 54 push %r12
504: 53 push %rbx
505: 48 81 ec 98 00 00 00 sub $0x98,%rsp
50c: 48 89 7d c8 mov %rdi,-0x38(%rbp)
510: 48 89 75 c0 mov %rsi,-0x40(%rbp)
514: 48 89 4d b8 mov %rcx,-0x48(%rbp)
518: 44 89 45 98 mov %r8d,-0x68(%rbp)
51c: 44 89 4d 9c mov %r9d,-0x64(%rbp)
520: f6 47 52 40 testb $0x40,0x52(%rdi)
524: 0f 85 96 03 00 00 jne 8c0 <change_protection+0x3d0>
52a: 48 8b 45 c8 mov -0x38(%rbp),%rax
52e: 48 8b 40 40 mov 0x40(%rax),%rax
532: 48 89 45 80 mov %rax,-0x80(%rbp)
536: 48 39 55 c0 cmp %rdx,-0x40(%rbp)
53a: 0f 83 40 04 00 00 jae 980 <change_protection+0x490>
540: 4c 8b 5d c0 mov -0x40(%rbp),%r11
544: 48 8b 4d 80 mov -0x80(%rbp),%rcx
548: 4c 89 d8 mov %r11,%rax
54b: 48 c1 e8 24 shr $0x24,%rax
54f: c6 81 dc 08 00 00 01 movb $0x1,0x8dc(%rcx)
556: 25 f8 0f 00 00 and $0xff8,%eax
55b: 48 03 41 40 add 0x40(%rcx),%rax
55f: 48 8d 52 ff lea -0x1(%rdx),%rdx
563: 4c 89 7d d0 mov %r15,-0x30(%rbp)
567: 49 89 c7 mov %rax,%r15
56a: 48 89 55 b0 mov %rdx,-0x50(%rbp)
56e: 48 c7 45 a8 00 00 00 movq $0x0,-0x58(%rbp)
575: 00
576: 48 b8 00 00 00 00 80 movabs $0x8000000000,%rax
57d: 00 00 00
580: 49 8b 3f mov (%r15),%rdi
583: 49 bd 00 00 00 00 80 movabs $0xffffff8000000000,%r13
58a: ff ff ff
58d: 4c 01 d8 add %r11,%rax
590: 49 21 c5 and %rax,%r13
593: 49 8d 45 ff lea -0x1(%r13),%rax
597: 48 3b 45 b0 cmp -0x50(%rbp),%rax
59b: 4c 0f 43 6d d0 cmovae -0x30(%rbp),%r13
5a0: 48 85 ff test %rdi,%rdi
5a3: 0f 84 2f 02 00 00 je 7d8 <change_protection+0x2e8>
5a9: 48 b8 fb 0f 00 00 00 movabs $0xffffc00000000ffb,%rax
5b0: c0 ff ff
5b3: 48 21 f8 and %rdi,%rax
5b6: 48 83 f8 63 cmp $0x63,%rax
5ba: 0f 85 98 03 00 00 jne 958 <change_protection+0x468>
5c0: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 5c8 <change_protection+0xd8>
5c7: 00
5c3: R_X86_64_PC32 pv_mmu_ops+0xf3
5c8: 0f 84 d2 03 00 00 je 9a0 <change_protection+0x4b0>
5ce: ff 14 25 00 00 00 00 callq *0x0
5d1: R_X86_64_32S pv_mmu_ops+0xf8
5d5: 4c 89 df mov %r11,%rdi
5d8: 4d 89 ea mov %r13,%r10
5db: 4c 89 bd 60 ff ff ff mov %r15,-0xa0(%rbp)
5e2: 48 ba 00 f0 ff ff ff movabs $0x3ffffffff000,%rdx
5e9: 3f 00 00
5ec: 48 c1 ef 1b shr $0x1b,%rdi
5f0: 48 21 d0 and %rdx,%rax
5f3: 48 be 00 00 00 00 00 movabs $0xffff880000000000,%rsi
5fa: 88 ff ff
5fd: 48 c7 85 68 ff ff ff movq $0x0,-0x98(%rbp)
604: 00 00 00 00
608: 81 e7 f8 0f 00 00 and $0xff8,%edi
60e: 48 89 95 70 ff ff ff mov %rdx,-0x90(%rbp)
615: 48 01 f7 add %rsi,%rdi
618: 4c 8d 34 07 lea (%rdi,%rax,1),%r14
61c: 49 8d 45 ff lea -0x1(%r13),%rax
620: 4d 89 f5 mov %r14,%r13
623: 4d 89 de mov %r11,%r14
626: 48 89 45 a0 mov %rax,-0x60(%rbp)
62a: 49 8d 9e 00 00 00 40 lea 0x40000000(%r14),%rbx
631: 49 8b 7d 00 mov 0x0(%r13),%rdi
635: 48 81 e3 00 00 00 c0 and $0xffffffffc0000000,%rbx
63c: 48 8d 43 ff lea -0x1(%rbx),%rax
640: 48 3b 45 a0 cmp -0x60(%rbp),%rax
644: 49 0f 43 da cmovae %r10,%rbx
648: 48 85 ff test %rdi,%rdi
64b: 0f 84 ff 01 00 00 je 850 <change_protection+0x360>
651: 48 b8 98 0f 00 00 00 movabs $0xffffc00000000f98,%rax
658: c0 ff ff
65b: 48 85 c7 test %rax,%rdi
65e: 0f 85 04 03 00 00 jne 968 <change_protection+0x478>
664: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 66c <change_protection+0x17c>
66b: 00
667: R_X86_64_PC32 pv_mmu_ops+0x11b
66c: 0f 84 4e 03 00 00 je 9c0 <change_protection+0x4d0>
672: 48 8b 45 c8 mov -0x38(%rbp),%rax
676: 48 8b 40 40 mov 0x40(%rax),%rax
67a: 48 89 85 78 ff ff ff mov %rax,-0x88(%rbp)
681: ff 14 25 00 00 00 00 callq *0x0
684: R_X86_64_32S pv_mmu_ops+0x120
688: 48 23 85 70 ff ff ff and -0x90(%rbp),%rax
68f: 4d 89 f4 mov %r14,%r12
692: 45 31 db xor %r11d,%r11d
695: 4c 89 ad 48 ff ff ff mov %r13,-0xb8(%rbp)
69c: 49 c1 ec 12 shr $0x12,%r12
6a0: 48 c7 45 88 00 00 00 movq $0x0,-0x78(%rbp)
6a7: 00
6a8: 4d 89 dd mov %r11,%r13
6ab: 41 81 e4 f8 0f 00 00 and $0xff8,%r12d
6b2: 4c 89 95 50 ff ff ff mov %r10,-0xb0(%rbp)
6b9: 48 ba 00 00 00 00 00 movabs $0xffff880000000000,%rdx
6c0: 88 ff ff
6c3: 48 c7 85 58 ff ff ff movq $0x0,-0xa8(%rbp)
6ca: 00 00 00 00
6ce: 49 01 d4 add %rdx,%r12
6d1: 49 01 c4 add %rax,%r12
6d4: 48 8d 43 ff lea -0x1(%rbx),%rax
6d8: 48 89 45 90 mov %rax,-0x70(%rbp)
6dc: 4d 8d be 00 00 20 00 lea 0x200000(%r14),%r15
6e3: 49 8b 3c 24 mov (%r12),%rdi
6e7: 49 81 e7 00 00 e0 ff and $0xffffffffffe00000,%r15
6ee: 49 8d 47 ff lea -0x1(%r15),%rax
6f2: 48 3b 45 90 cmp -0x70(%rbp),%rax
6f6: 4c 0f 43 fb cmovae %rbx,%r15
6fa: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 702 <change_protection+0x212>
701: 00
6fd: R_X86_64_PC32 pv_mmu_ops+0x10b
702: 0f 84 60 01 00 00 je 868 <change_protection+0x378>
708: ff 14 25 00 00 00 00 callq *0x0
70b: R_X86_64_32S pv_mmu_ops+0x110
70f: a8 80 test $0x80,%al
711: 0f 84 59 01 00 00 je 870 <change_protection+0x380>
717: 4d 85 ed test %r13,%r13
71a: 75 18 jne 734 <change_protection+0x244>
71c: 48 8b 85 78 ff ff ff mov -0x88(%rbp),%rax
723: 4d 89 f5 mov %r14,%r13
726: 48 83 b8 c0 04 00 00 cmpq $0x0,0x4c0(%rax)
72d: 00
72e: 0f 85 54 02 00 00 jne 988 <change_protection+0x498>
734: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 73c <change_protection+0x24c>
73b: 00
737: R_X86_64_PC32 pv_mmu_ops+0x10b
73c: 49 8b 3c 24 mov (%r12),%rdi
740: 0f 84 22 01 00 00 je 868 <change_protection+0x378>
746: ff 14 25 00 00 00 00 callq *0x0
749: R_X86_64_32S pv_mmu_ops+0x110
74d: a8 80 test $0x80,%al
74f: 74 33 je 784 <change_protection+0x294>
751: 4c 89 f8 mov %r15,%rax
754: 4c 29 f0 sub %r14,%rax
757: 48 3d 00 00 20 00 cmp $0x200000,%rax
75d: 0f 84 7d 01 00 00 je 8e0 <change_protection+0x3f0>
763: 48 83 3d 00 00 00 00 cmpq $0x0,0x0(%rip) # 76b <change_protection+0x27b>
76a: 00
766: R_X86_64_PC32 pv_mmu_ops+0x10b
76b: 49 8b 3c 24 mov (%r12),%rdi
76f: 0f 84 f3 00 00 00 je 868 <change_protection+0x378>
775: ff 14 25 00 00 00 00 callq *0x0
778: R_X86_64_32S pv_mmu_ops+0x110
77c: a8 80 test $0x80,%al
77e: 0f 85 24 02 00 00 jne 9a8 <change_protection+0x4b8>
784: 8b 45 9c mov -0x64(%rbp),%eax
787: 4c 89 f9 mov %r15,%rcx
78a: 4c 89 f2 mov %r14,%rdx
78d: 4c 89 e6 mov %r12,%rsi
790: 44 8b 4d 98 mov -0x68(%rbp),%r9d
794: 4c 8b 45 b8 mov -0x48(%rbp),%r8
798: 48 8b 7d c8 mov -0x38(%rbp),%rdi
79c: 89 04 24 mov %eax,(%rsp)
79f: e8 5c f8 ff ff callq 0 <change_pte_range>
7a4: 48 01 45 88 add %rax,-0x78(%rbp)
7a8: 49 83 c4 08 add $0x8,%r12
7ac: 4c 39 fb cmp %r15,%rbx
7af: 74 3f je 7f0 <change_protection+0x300>
7b1: 4d 89 fe mov %r15,%r14
7b4: e9 23 ff ff ff jmpq 6dc <change_protection+0x1ec>
7b9: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
7c0: 48 8b b5 68 ff ff ff mov -0x98(%rbp),%rsi
7c7: 4d 89 d5 mov %r10,%r13
7ca: 4c 8b bd 60 ff ff ff mov -0xa0(%rbp),%r15
7d1: 48 01 75 a8 add %rsi,-0x58(%rbp)
7d5: 0f 1f 00 nopl (%rax)
7d8: 49 83 c7 08 add $0x8,%r15
7dc: 4c 39 6d d0 cmp %r13,-0x30(%rbp)
7e0: 0f 84 3a 01 00 00 je 920 <change_protection+0x430>
7e6: 4d 89 eb mov %r13,%r11
7e9: e9 88 fd ff ff jmpq 576 <change_protection+0x86>
7ee: 66 90 xchg %ax,%ax
7f0: 4d 89 eb mov %r13,%r11
7f3: 4c 8b 95 50 ff ff ff mov -0xb0(%rbp),%r10
7fa: 4c 8b ad 48 ff ff ff mov -0xb8(%rbp),%r13
801: 4d 85 db test %r11,%r11
804: 74 2a je 830 <change_protection+0x340>
806: 48 8b 85 78 ff ff ff mov -0x88(%rbp),%rax
80d: 48 83 b8 c0 04 00 00 cmpq $0x0,0x4c0(%rax)
814: 00
815: 74 19 je 830 <change_protection+0x340>
817: 48 89 da mov %rbx,%rdx
81a: 4c 89 de mov %r11,%rsi
81d: 48 89 c7 mov %rax,%rdi
820: 4c 89 55 90 mov %r10,-0x70(%rbp)
824: e8 00 00 00 00 callq 829 <change_protection+0x339>
825: R_X86_64_PC32 __mmu_notifier_invalidate_range_end-0x4
829: 4c 8b 55 90 mov -0x70(%rbp),%r10
82d: 0f 1f 00 nopl (%rax)
830: 48 8b 85 58 ff ff ff mov -0xa8(%rbp),%rax
837: 48 85 c0 test %rax,%rax
83a: 74 09 je 845 <change_protection+0x355>
83c: 65 48 01 04 25 00 00 add %rax,%gs:0x0
843: 00 00
841: R_X86_64_32S vm_event_states+0x170
845: 48 8b 75 88 mov -0x78(%rbp),%rsi
849: 48 01 b5 68 ff ff ff add %rsi,-0x98(%rbp)
850: 49 83 c5 08 add $0x8,%r13
854: 49 39 da cmp %rbx,%r10
857: 0f 84 63 ff ff ff je 7c0 <change_protection+0x2d0>
85d: 49 89 de mov %rbx,%r14
860: e9 c5 fd ff ff jmpq 62a <change_protection+0x13a>
865: 0f 1f 00 nopl (%rax)
868: 0f 0b ud2
86a: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
870: 49 8b 04 24 mov (%r12),%rax
874: 48 85 c0 test %rax,%rax
877: 0f 84 2b ff ff ff je 7a8 <change_protection+0x2b8>
87d: 48 89 c2 mov %rax,%rdx
880: 81 e2 01 02 00 00 and $0x201,%edx
886: 48 81 fa 00 02 00 00 cmp $0x200,%rdx
88d: 0f 84 84 fe ff ff je 717 <change_protection+0x227>
893: 48 be fb 0f 00 00 00 movabs $0xffffc00000000ffb,%rsi
89a: c0 ff ff
89d: 48 21 f0 and %rsi,%rax
8a0: 48 83 f8 63 cmp $0x63,%rax
8a4: 0f 84 6d fe ff ff je 717 <change_protection+0x227>
8aa: 4c 89 e7 mov %r12,%rdi
8ad: e8 00 00 00 00 callq 8b2 <change_protection+0x3c2>
8ae: R_X86_64_PC32 pmd_clear_bad-0x4
8b2: e9 f1 fe ff ff jmpq 7a8 <change_protection+0x2b8>
8b7: 66 0f 1f 84 00 00 00 nopw 0x0(%rax,%rax,1)
8be: 00 00
8c0: e8 00 00 00 00 callq 8c5 <change_protection+0x3d5>
8c1: R_X86_64_PC32 hugetlb_change_protection-0x4
8c5: 48 89 45 a8 mov %rax,-0x58(%rbp)
8c9: 48 8b 45 a8 mov -0x58(%rbp),%rax
8cd: 48 81 c4 98 00 00 00 add $0x98,%rsp
8d4: 5b pop %rbx
8d5: 41 5c pop %r12
8d7: 41 5d pop %r13
8d9: 41 5e pop %r14
8db: 41 5f pop %r15
8dd: 5d pop %rbp
8de: c3 retq
8df: 90 nop
8e0: 44 8b 45 9c mov -0x64(%rbp),%r8d
8e4: 4c 89 f2 mov %r14,%rdx
8e7: 4c 89 e6 mov %r12,%rsi
8ea: 48 8b 4d b8 mov -0x48(%rbp),%rcx
8ee: 48 8b 7d c8 mov -0x38(%rbp),%rdi
8f2: e8 00 00 00 00 callq 8f7 <change_protection+0x407>
8f3: R_X86_64_PC32 change_huge_pmd-0x4
8f7: 85 c0 test %eax,%eax
8f9: 0f 84 85 fe ff ff je 784 <change_protection+0x294>
8ff: 3d 00 02 00 00 cmp $0x200,%eax
904: 0f 85 9e fe ff ff jne 7a8 <change_protection+0x2b8>
90a: 48 81 45 88 00 02 00 addq $0x200,-0x78(%rbp)
911: 00
912: 48 83 85 58 ff ff ff addq $0x1,-0xa8(%rbp)
919: 01
91a: e9 89 fe ff ff jmpq 7a8 <change_protection+0x2b8>
91f: 90 nop
920: 48 83 7d a8 00 cmpq $0x0,-0x58(%rbp)
925: 4c 8b 7d d0 mov -0x30(%rbp),%r15
929: 74 18 je 943 <change_protection+0x453>
92b: 48 8b 45 c8 mov -0x38(%rbp),%rax
92f: 4c 89 fa mov %r15,%rdx
932: 48 8b 75 c0 mov -0x40(%rbp),%rsi
936: 48 8b 48 50 mov 0x50(%rax),%rcx
93a: 48 8b 78 40 mov 0x40(%rax),%rdi
93e: e8 00 00 00 00 callq 943 <change_protection+0x453>
93f: R_X86_64_PC32 flush_tlb_mm_range-0x4
943: 48 8b 45 80 mov -0x80(%rbp),%rax
947: c6 80 dc 08 00 00 00 movb $0x0,0x8dc(%rax)
94e: e9 76 ff ff ff jmpq 8c9 <change_protection+0x3d9>
953: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
958: 4c 89 ff mov %r15,%rdi
95b: e8 00 00 00 00 callq 960 <change_protection+0x470>
95c: R_X86_64_PC32 pgd_clear_bad-0x4
960: e9 73 fe ff ff jmpq 7d8 <change_protection+0x2e8>
965: 0f 1f 00 nopl (%rax)
968: 4c 89 ef mov %r13,%rdi
96b: 4c 89 55 90 mov %r10,-0x70(%rbp)
96f: e8 00 00 00 00 callq 974 <change_protection+0x484>
970: R_X86_64_PC32 pud_clear_bad-0x4
974: 4c 8b 55 90 mov -0x70(%rbp),%r10
978: e9 d3 fe ff ff jmpq 850 <change_protection+0x360>
97d: 0f 1f 00 nopl (%rax)
980: 0f 0b ud2
982: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
988: 48 89 da mov %rbx,%rdx
98b: 4c 89 f6 mov %r14,%rsi
98e: 48 89 c7 mov %rax,%rdi
991: e8 00 00 00 00 callq 996 <change_protection+0x4a6>
992: R_X86_64_PC32 __mmu_notifier_invalidate_range_start-0x4
996: e9 99 fd ff ff jmpq 734 <change_protection+0x244>
99b: 0f 1f 44 00 00 nopl 0x0(%rax,%rax,1)
9a0: 0f 0b ud2
9a2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
9a8: 48 8b 7d c8 mov -0x38(%rbp),%rdi
9ac: 4c 89 e2 mov %r12,%rdx
9af: 4c 89 f6 mov %r14,%rsi
9b2: e8 00 00 00 00 callq 9b7 <change_protection+0x4c7>
9b3: R_X86_64_PC32 __split_huge_page_pmd-0x4
9b7: e9 c8 fd ff ff jmpq 784 <change_protection+0x294>
9bc: 0f 1f 40 00 nopl 0x0(%rax)
9c0: 0f 0b ud2
9c2: 66 66 66 66 66 2e 0f data32 data32 data32 data32 nopw %cs:0x0(%rax,%rax,1)
9c9: 1f 84 00 00 00 00 00
> I've been rather assuming that the 9d340902 seen in many of the
> registers in that Aug26 dump is the pte val in question: that's
> SOFT_DIRTY|PROTNONE|RW.
>
> I think RW on PROTNONE is unusual but not impossible (migration entry
> replacement racing with mprotect setting PROT_NONE, after it's updated
> vm_page_prot, before it's reached the page table). But exciting though
> that line of thought is, I cannot actually bring it to a pte_mknuma bug,
> or any bug at all.
>
> Mel, no way can it be the cause of this bug - unless Sasha's later
> traces actually show a different stack - but I don't see the call
> to change_prot_numa() from queue_pages_range() sharing the same
> avoidance of PROT_NONE that task_numa_work() has (though it does
> have an outdated comment about PROT_NONE which should be removed).
> So I think that site probably does need PROT_NONE checking added.
I've spotted a new trace in overnight fuzzing, it could be related to this issue:
[ 3494.324839] general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3494.332153] Dumping ftrace buffer:
[ 3494.332153] (ftrace buffer empty)
[ 3494.332153] Modules linked in:
[ 3494.332153] CPU: 8 PID: 2727 Comm: trinity-c929 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
[ 3494.332153] task: ffff88047e52b000 ti: ffff8804d491c000 task.ti: ffff8804d491c000
[ 3494.332153] RIP: task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
[ 3494.332153] RSP: 0000:ffff8804d491feb8 EFLAGS: 00010206
[ 3494.332153] RAX: 0000000000000000 RBX: ffff8804bf4e8000 RCX: 000000000000e8e8
[ 3494.343974] RDX: 000000000000000a RSI: 0000000000000000 RDI: ffff8804bd6d4da8
[ 3494.343974] RBP: ffff8804d491fef8 R08: ffff8804bf4e84c8 R09: 0000000000000000
[ 3494.343974] R10: 00007f53e443c000 R11: 0000000000000001 R12: 00007f53e443c000
[ 3494.343974] R13: 000000000000dc51 R14: 006f732e61727478 R15: ffff88047e52b000
[ 3494.343974] FS: 00007f53e463f700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
[ 3494.343974] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 3494.369895] CR2: 0000000001670fa8 CR3: 0000000283562000 CR4: 00000000000006a0
[ 3494.369895] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3494.369895] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 3494.380081] Stack:
[ 3494.380081] ffff8804bf4e80a8 0000000000000014 00007f53e4437000 0000000000000000
[ 3494.380081] ffffffff9b976e70 ffff88047e52bbd8 ffff88047e52b000 0000000000000000
[ 3494.380081] ffff8804d491ff28 ffffffff95193d84 0000000000000002 ffff8804d491ff58
[ 3494.380081] Call Trace:
[ 3494.380081] task_work_run (kernel/task_work.c:125 (discriminator 1))
[ 3494.380081] do_notify_resume (include/linux/tracehook.h:190 arch/x86/kernel/signal.c:758)
[ 3494.380081] retint_signal (arch/x86/kernel/entry_64.S:918)
[ 3494.380081] Code: e8 1e e5 01 00 48 89 df 4c 89 e6 e8 a3 2d 13 00 49 89 c6 48 85 c0 0f 84 07 02 00 00 48 c7 45 c8 00 00 00 00 0f 1f 80 00 00 00 00 <49> f7 46 50 00 44 00 00 0f 85 42 01 00 00 49 8b 86 a0 00 00 00
All code
========
0: e8 1e e5 01 00 callq 0x1e523
5: 48 89 df mov %rbx,%rdi
8: 4c 89 e6 mov %r12,%rsi
b: e8 a3 2d 13 00 callq 0x132db3
10: 49 89 c6 mov %rax,%r14
13: 48 85 c0 test %rax,%rax
16: 0f 84 07 02 00 00 je 0x223
1c: 48 c7 45 c8 00 00 00 movq $0x0,-0x38(%rbp)
23: 00
24: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
2b:* 49 f7 46 50 00 44 00 testq $0x4400,0x50(%r14) <-- trapping instruction
32: 00
33: 0f 85 42 01 00 00 jne 0x17b
39: 49 8b 86 a0 00 00 00 mov 0xa0(%r14),%rax
...
Code starting with the faulting instruction
===========================================
0: 49 f7 46 50 00 44 00 testq $0x4400,0x50(%r14)
7: 00
8: 0f 85 42 01 00 00 jne 0x150
e: 49 8b 86 a0 00 00 00 mov 0xa0(%r14),%rax
...
[ 3494.380081] RIP task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
[ 3494.380081] RSP <ffff8804d491feb8>
Thanks,
Sasha
next prev parent reply other threads:[~2014-09-10 13:12 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-02 21:58 mm: BUG in unmap_page_range Sasha Levin
2014-08-02 21:58 ` Sasha Levin
2014-08-04 11:40 ` Hugh Dickins
2014-08-04 11:40 ` Hugh Dickins
2014-08-05 14:44 ` Mel Gorman
2014-08-05 14:44 ` Mel Gorman
2014-08-06 0:42 ` Hugh Dickins
2014-08-06 0:42 ` Hugh Dickins
2014-08-06 1:04 ` Sasha Levin
2014-08-06 1:04 ` Sasha Levin
2014-08-12 3:28 ` Sasha Levin
2014-08-12 3:28 ` Sasha Levin
2014-08-12 10:47 ` [PATCH] x86,mm: fix pte_special versus pte_numa Mel Gorman
2014-08-12 10:47 ` Mel Gorman
2014-08-12 11:08 ` [PATCH] mm: Remove misleading ARCH_USES_NUMA_PROT_NONE Mel Gorman
2014-08-12 11:08 ` Mel Gorman
2014-08-13 13:14 ` Aneesh Kumar K.V
2014-08-13 13:14 ` Aneesh Kumar K.V
2014-08-27 3:16 ` mm: BUG in unmap_page_range Sasha Levin
2014-08-27 3:16 ` Sasha Levin
2014-08-27 15:26 ` Mel Gorman
2014-08-27 15:26 ` Mel Gorman
2014-08-27 18:21 ` Sasha Levin
2014-08-27 18:21 ` Sasha Levin
2014-08-30 1:23 ` Sasha Levin
2014-08-30 1:23 ` Sasha Levin
2014-09-04 9:04 ` Sasha Levin
2014-09-04 9:04 ` Sasha Levin
2014-09-08 17:18 ` Mel Gorman
2014-09-08 17:18 ` Mel Gorman
2014-09-08 17:23 ` Sasha Levin
2014-09-08 17:56 ` Sasha Levin
2014-09-08 17:56 ` Sasha Levin
2014-09-09 21:33 ` Mel Gorman
2014-09-09 21:33 ` Mel Gorman
2014-09-09 22:20 ` Sasha Levin
2014-09-09 22:20 ` Sasha Levin
2014-09-10 2:45 ` Hugh Dickins
2014-09-10 2:45 ` Hugh Dickins
2014-09-10 12:47 ` Mel Gorman
2014-09-10 12:47 ` Mel Gorman
2014-09-10 14:24 ` Trinity and mbind flags (WAS: Re: mm: BUG in unmap_page_range) Sasha Levin
2014-09-10 14:24 ` Sasha Levin
2014-09-10 14:33 ` Dave Jones
2014-09-10 14:33 ` Dave Jones
2014-09-10 19:06 ` mm: BUG in unmap_page_range Sasha Levin
2014-09-10 19:06 ` Sasha Levin
2014-09-10 19:36 ` Hugh Dickins
2014-09-10 19:36 ` Hugh Dickins
2014-09-11 2:43 ` Sasha Levin
2014-09-11 2:43 ` Sasha Levin
2014-09-11 11:39 ` Hugh Dickins
2014-09-11 11:39 ` Hugh Dickins
2014-09-11 14:22 ` Sasha Levin
2014-09-11 14:22 ` Sasha Levin
2014-09-11 14:33 ` Dave Jones
2014-09-11 14:33 ` Dave Jones
2014-09-11 16:28 ` Mel Gorman
2014-09-11 16:28 ` Mel Gorman
2014-09-11 22:38 ` Sasha Levin
2014-09-11 22:38 ` Sasha Levin
2014-09-17 21:37 ` Sasha Levin
2014-09-17 21:37 ` Sasha Levin
2014-09-10 13:12 ` Sasha Levin [this message]
2014-09-10 13:12 ` Sasha Levin
2014-09-10 13:40 ` Mel Gorman
2014-09-10 13:40 ` Mel Gorman
2014-09-10 16:44 ` Sasha Levin
2014-09-10 16:44 ` Sasha Levin
2014-09-10 19:09 ` Hugh Dickins
2014-09-10 19:09 ` Hugh Dickins
2014-09-10 20:36 ` Sasha Levin
2014-09-10 20:36 ` Sasha Levin
2014-09-10 23:00 ` Hugh Dickins
2014-09-10 23:00 ` Hugh Dickins
2014-08-06 10:35 ` Mel Gorman
2014-08-06 10:35 ` Mel Gorman
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 10:23 ` Mel Gorman
2014-08-06 10:23 ` Mel Gorman
2014-08-06 10:23 ` Mel Gorman
2014-08-07 8:40 ` Aneesh Kumar K.V
2014-08-07 8:40 ` Aneesh Kumar K.V
2014-08-07 8:40 ` Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54104E24.5010402@oracle.com \
--to=sasha.levin@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=davej@redhat.com \
--cc=gorcunov@gmail.com \
--cc=hannes@cmpxchg.org \
--cc=hughd@google.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mgorman@suse.de \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.