From: Sasha Levin <sasha.levin@oracle.com>
To: Mel Gorman <mgorman@suse.de>
Cc: Hugh Dickins <hughd@google.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dave Jones <davej@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Cyrill Gorcunov <gorcunov@gmail.com>
Subject: Re: mm: BUG in unmap_page_range
Date: Wed, 10 Sep 2014 12:44:03 -0400 [thread overview]
Message-ID: <54107FD3.90300@oracle.com> (raw)
In-Reply-To: <20140910134014.GU17501@suse.de>
On 09/10/2014 09:40 AM, Mel Gorman wrote:
> On Wed, Sep 10, 2014 at 09:12:04AM -0400, Sasha Levin wrote:
>> <SNIP, haven't digested the rest>
>>
>> I've spotted a new trace in overnight fuzzing, it could be related to this issue:
>>
>> [ 3494.324839] general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
>> [ 3494.332153] Dumping ftrace buffer:
>> [ 3494.332153] (ftrace buffer empty)
>> [ 3494.332153] Modules linked in:
>> [ 3494.332153] CPU: 8 PID: 2727 Comm: trinity-c929 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
>> [ 3494.332153] task: ffff88047e52b000 ti: ffff8804d491c000 task.ti: ffff8804d491c000
>> [ 3494.332153] RIP: task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
>> [ 3494.332153] RSP: 0000:ffff8804d491feb8 EFLAGS: 00010206
>> [ 3494.332153] RAX: 0000000000000000 RBX: ffff8804bf4e8000 RCX: 000000000000e8e8
>> [ 3494.343974] RDX: 000000000000000a RSI: 0000000000000000 RDI: ffff8804bd6d4da8
>> [ 3494.343974] RBP: ffff8804d491fef8 R08: ffff8804bf4e84c8 R09: 0000000000000000
>> [ 3494.343974] R10: 00007f53e443c000 R11: 0000000000000001 R12: 00007f53e443c000
>> [ 3494.343974] R13: 000000000000dc51 R14: 006f732e61727478 R15: ffff88047e52b000
>> [ 3494.343974] FS: 00007f53e463f700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
>> [ 3494.343974] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>> [ 3494.369895] CR2: 0000000001670fa8 CR3: 0000000283562000 CR4: 00000000000006a0
>> [ 3494.369895] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
>> [ 3494.369895] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
>> [ 3494.380081] Stack:
>> [ 3494.380081] ffff8804bf4e80a8 0000000000000014 00007f53e4437000 0000000000000000
>> [ 3494.380081] ffffffff9b976e70 ffff88047e52bbd8 ffff88047e52b000 0000000000000000
>> [ 3494.380081] ffff8804d491ff28 ffffffff95193d84 0000000000000002 ffff8804d491ff58
>> [ 3494.380081] Call Trace:
>> [ 3494.380081] task_work_run (kernel/task_work.c:125 (discriminator 1))
>> [ 3494.380081] do_notify_resume (include/linux/tracehook.h:190 arch/x86/kernel/signal.c:758)
>> [ 3494.380081] retint_signal (arch/x86/kernel/entry_64.S:918)
>> [ 3494.380081] Code: e8 1e e5 01 00 48 89 df 4c 89 e6 e8 a3 2d 13 00 49 89 c6 48 85 c0 0f 84 07 02 00 00 48 c7 45 c8 00 00 00 00 0f 1f 80 00 00 00 00 <49> f7 46 50 00 44 00 00 0f 85 42 01 00 00 49 8b 86 a0 00 00 00
>
> Shot in dark, can you test this please? Pagetable teardown can schedule
> and I'm wondering if we are trying to add hinting faults to an address
> space that is in the process of going away. The TASK_DEAD check is bogus
> so replacing it.
Mel, I ran today's -next with both of your patches, but the issue still remains:
[ 3114.540976] kernel BUG at include/asm-generic/pgtable.h:724!
[ 3114.541857] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3114.543112] Dumping ftrace buffer:
[ 3114.544056] (ftrace buffer empty)
[ 3114.545000] Modules linked in:
[ 3114.545717] CPU: 18 PID: 30217 Comm: trinity-c617 Tainted: G W 3.17.0-rc4-next-20140910-sasha-00032-g6825fb5-dirty #1137
[ 3114.548058] task: ffff880415050000 ti: ffff88076f584000 task.ti: ffff88076f584000
[ 3114.549284] RIP: 0010:[<ffffffff952e527a>] [<ffffffff952e527a>] change_pte_range+0x4ea/0x4f0
[ 3114.550028] RSP: 0000:ffff88076f587d68 EFLAGS: 00010246
[ 3114.550028] RAX: 0000000314625900 RBX: 0000000041218000 RCX: 0000000000000100
[ 3114.550028] RDX: 0000000314625900 RSI: 0000000041218000 RDI: 0000000314625900
[ 3114.550028] RBP: ffff88076f587dc8 R08: ffff8802cf973600 R09: 0000000000b50000
[ 3114.550028] R10: 0000000000032c01 R11: 0000000000000008 R12: ffff8802a81070c0
[ 3114.550028] R13: 8000000000000025 R14: 0000000041343000 R15: ffffc00000000fff
[ 3114.550028] FS: 00007fabb91c8700(0000) GS:ffff88025ec00000(0000) knlGS:0000000000000000
[ 3114.550028] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 3114.550028] CR2: 00007fffdb7678e8 CR3: 0000000713935000 CR4: 00000000000006a0
[ 3114.550028] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3114.550028] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000050602
[ 3114.550028] Stack:
[ 3114.550028] 0000000000000001 0000000314625900 0000000000000018 ffff8802685f2260
[ 3114.550028] 0000000016840000 ffff8802cf973600 ffff880616840000 0000000041343000
[ 3114.550028] ffff880108805048 0000000041005000 0000000041200000 0000000041343000
[ 3114.550028] Call Trace:
[ 3114.550028] [<ffffffff952e5534>] change_protection+0x2b4/0x4e0
[ 3114.550028] [<ffffffff952ff24b>] change_prot_numa+0x1b/0x40
[ 3114.550028] [<ffffffff951adf16>] task_numa_work+0x1f6/0x330
[ 3114.550028] [<ffffffff95193de4>] task_work_run+0xc4/0xf0
[ 3114.550028] [<ffffffff95071477>] do_notify_resume+0x97/0xb0
[ 3114.550028] [<ffffffff9850f06a>] int_signal+0x12/0x17
[ 3114.550028] Code: 66 90 48 8b 7d b8 e8 e6 88 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 3114.550028] RIP [<ffffffff952e527a>] change_pte_range+0x4ea/0x4f0
[ 3114.550028] RSP <ffff88076f587d68>
Thanks,
Sasha
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sasha.levin@oracle.com>
To: Mel Gorman <mgorman@suse.de>
Cc: Hugh Dickins <hughd@google.com>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dave Jones <davej@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Rik van Riel <riel@redhat.com>,
Johannes Weiner <hannes@cmpxchg.org>,
Cyrill Gorcunov <gorcunov@gmail.com>
Subject: Re: mm: BUG in unmap_page_range
Date: Wed, 10 Sep 2014 12:44:03 -0400 [thread overview]
Message-ID: <54107FD3.90300@oracle.com> (raw)
In-Reply-To: <20140910134014.GU17501@suse.de>
On 09/10/2014 09:40 AM, Mel Gorman wrote:
> On Wed, Sep 10, 2014 at 09:12:04AM -0400, Sasha Levin wrote:
>> <SNIP, haven't digested the rest>
>>
>> I've spotted a new trace in overnight fuzzing, it could be related to this issue:
>>
>> [ 3494.324839] general protection fault: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
>> [ 3494.332153] Dumping ftrace buffer:
>> [ 3494.332153] (ftrace buffer empty)
>> [ 3494.332153] Modules linked in:
>> [ 3494.332153] CPU: 8 PID: 2727 Comm: trinity-c929 Not tainted 3.17.0-rc4-next-20140909-sasha-00032-gc16d47b #1135
>> [ 3494.332153] task: ffff88047e52b000 ti: ffff8804d491c000 task.ti: ffff8804d491c000
>> [ 3494.332153] RIP: task_numa_work (include/linux/mempolicy.h:177 kernel/sched/fair.c:1956)
>> [ 3494.332153] RSP: 0000:ffff8804d491feb8 EFLAGS: 00010206
>> [ 3494.332153] RAX: 0000000000000000 RBX: ffff8804bf4e8000 RCX: 000000000000e8e8
>> [ 3494.343974] RDX: 000000000000000a RSI: 0000000000000000 RDI: ffff8804bd6d4da8
>> [ 3494.343974] RBP: ffff8804d491fef8 R08: ffff8804bf4e84c8 R09: 0000000000000000
>> [ 3494.343974] R10: 00007f53e443c000 R11: 0000000000000001 R12: 00007f53e443c000
>> [ 3494.343974] R13: 000000000000dc51 R14: 006f732e61727478 R15: ffff88047e52b000
>> [ 3494.343974] FS: 00007f53e463f700(0000) GS:ffff880277e00000(0000) knlGS:0000000000000000
>> [ 3494.343974] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>> [ 3494.369895] CR2: 0000000001670fa8 CR3: 0000000283562000 CR4: 00000000000006a0
>> [ 3494.369895] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
>> [ 3494.369895] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
>> [ 3494.380081] Stack:
>> [ 3494.380081] ffff8804bf4e80a8 0000000000000014 00007f53e4437000 0000000000000000
>> [ 3494.380081] ffffffff9b976e70 ffff88047e52bbd8 ffff88047e52b000 0000000000000000
>> [ 3494.380081] ffff8804d491ff28 ffffffff95193d84 0000000000000002 ffff8804d491ff58
>> [ 3494.380081] Call Trace:
>> [ 3494.380081] task_work_run (kernel/task_work.c:125 (discriminator 1))
>> [ 3494.380081] do_notify_resume (include/linux/tracehook.h:190 arch/x86/kernel/signal.c:758)
>> [ 3494.380081] retint_signal (arch/x86/kernel/entry_64.S:918)
>> [ 3494.380081] Code: e8 1e e5 01 00 48 89 df 4c 89 e6 e8 a3 2d 13 00 49 89 c6 48 85 c0 0f 84 07 02 00 00 48 c7 45 c8 00 00 00 00 0f 1f 80 00 00 00 00 <49> f7 46 50 00 44 00 00 0f 85 42 01 00 00 49 8b 86 a0 00 00 00
>
> Shot in dark, can you test this please? Pagetable teardown can schedule
> and I'm wondering if we are trying to add hinting faults to an address
> space that is in the process of going away. The TASK_DEAD check is bogus
> so replacing it.
Mel, I ran today's -next with both of your patches, but the issue still remains:
[ 3114.540976] kernel BUG at include/asm-generic/pgtable.h:724!
[ 3114.541857] invalid opcode: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC
[ 3114.543112] Dumping ftrace buffer:
[ 3114.544056] (ftrace buffer empty)
[ 3114.545000] Modules linked in:
[ 3114.545717] CPU: 18 PID: 30217 Comm: trinity-c617 Tainted: G W 3.17.0-rc4-next-20140910-sasha-00032-g6825fb5-dirty #1137
[ 3114.548058] task: ffff880415050000 ti: ffff88076f584000 task.ti: ffff88076f584000
[ 3114.549284] RIP: 0010:[<ffffffff952e527a>] [<ffffffff952e527a>] change_pte_range+0x4ea/0x4f0
[ 3114.550028] RSP: 0000:ffff88076f587d68 EFLAGS: 00010246
[ 3114.550028] RAX: 0000000314625900 RBX: 0000000041218000 RCX: 0000000000000100
[ 3114.550028] RDX: 0000000314625900 RSI: 0000000041218000 RDI: 0000000314625900
[ 3114.550028] RBP: ffff88076f587dc8 R08: ffff8802cf973600 R09: 0000000000b50000
[ 3114.550028] R10: 0000000000032c01 R11: 0000000000000008 R12: ffff8802a81070c0
[ 3114.550028] R13: 8000000000000025 R14: 0000000041343000 R15: ffffc00000000fff
[ 3114.550028] FS: 00007fabb91c8700(0000) GS:ffff88025ec00000(0000) knlGS:0000000000000000
[ 3114.550028] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 3114.550028] CR2: 00007fffdb7678e8 CR3: 0000000713935000 CR4: 00000000000006a0
[ 3114.550028] DR0: 00000000006f0000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3114.550028] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000050602
[ 3114.550028] Stack:
[ 3114.550028] 0000000000000001 0000000314625900 0000000000000018 ffff8802685f2260
[ 3114.550028] 0000000016840000 ffff8802cf973600 ffff880616840000 0000000041343000
[ 3114.550028] ffff880108805048 0000000041005000 0000000041200000 0000000041343000
[ 3114.550028] Call Trace:
[ 3114.550028] [<ffffffff952e5534>] change_protection+0x2b4/0x4e0
[ 3114.550028] [<ffffffff952ff24b>] change_prot_numa+0x1b/0x40
[ 3114.550028] [<ffffffff951adf16>] task_numa_work+0x1f6/0x330
[ 3114.550028] [<ffffffff95193de4>] task_work_run+0xc4/0xf0
[ 3114.550028] [<ffffffff95071477>] do_notify_resume+0x97/0xb0
[ 3114.550028] [<ffffffff9850f06a>] int_signal+0x12/0x17
[ 3114.550028] Code: 66 90 48 8b 7d b8 e8 e6 88 22 03 48 8b 45 b0 e9 6f ff ff ff 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b 66 0f 1f 44 00 00 0f 0b <0f> 0b 0f 0b 0f 0b 66 66 66 66 90 55 48 89 e5 41 57 49 89 d7 41
[ 3114.550028] RIP [<ffffffff952e527a>] change_pte_range+0x4ea/0x4f0
[ 3114.550028] RSP <ffff88076f587d68>
Thanks,
Sasha
next prev parent reply other threads:[~2014-09-10 16:44 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-02 21:58 mm: BUG in unmap_page_range Sasha Levin
2014-08-02 21:58 ` Sasha Levin
2014-08-04 11:40 ` Hugh Dickins
2014-08-04 11:40 ` Hugh Dickins
2014-08-05 14:44 ` Mel Gorman
2014-08-05 14:44 ` Mel Gorman
2014-08-06 0:42 ` Hugh Dickins
2014-08-06 0:42 ` Hugh Dickins
2014-08-06 1:04 ` Sasha Levin
2014-08-06 1:04 ` Sasha Levin
2014-08-12 3:28 ` Sasha Levin
2014-08-12 3:28 ` Sasha Levin
2014-08-12 10:47 ` [PATCH] x86,mm: fix pte_special versus pte_numa Mel Gorman
2014-08-12 10:47 ` Mel Gorman
2014-08-12 11:08 ` [PATCH] mm: Remove misleading ARCH_USES_NUMA_PROT_NONE Mel Gorman
2014-08-12 11:08 ` Mel Gorman
2014-08-13 13:14 ` Aneesh Kumar K.V
2014-08-13 13:14 ` Aneesh Kumar K.V
2014-08-27 3:16 ` mm: BUG in unmap_page_range Sasha Levin
2014-08-27 3:16 ` Sasha Levin
2014-08-27 15:26 ` Mel Gorman
2014-08-27 15:26 ` Mel Gorman
2014-08-27 18:21 ` Sasha Levin
2014-08-27 18:21 ` Sasha Levin
2014-08-30 1:23 ` Sasha Levin
2014-08-30 1:23 ` Sasha Levin
2014-09-04 9:04 ` Sasha Levin
2014-09-04 9:04 ` Sasha Levin
2014-09-08 17:18 ` Mel Gorman
2014-09-08 17:18 ` Mel Gorman
2014-09-08 17:23 ` Sasha Levin
2014-09-08 17:56 ` Sasha Levin
2014-09-08 17:56 ` Sasha Levin
2014-09-09 21:33 ` Mel Gorman
2014-09-09 21:33 ` Mel Gorman
2014-09-09 22:20 ` Sasha Levin
2014-09-09 22:20 ` Sasha Levin
2014-09-10 2:45 ` Hugh Dickins
2014-09-10 2:45 ` Hugh Dickins
2014-09-10 12:47 ` Mel Gorman
2014-09-10 12:47 ` Mel Gorman
2014-09-10 14:24 ` Trinity and mbind flags (WAS: Re: mm: BUG in unmap_page_range) Sasha Levin
2014-09-10 14:24 ` Sasha Levin
2014-09-10 14:33 ` Dave Jones
2014-09-10 14:33 ` Dave Jones
2014-09-10 19:06 ` mm: BUG in unmap_page_range Sasha Levin
2014-09-10 19:06 ` Sasha Levin
2014-09-10 19:36 ` Hugh Dickins
2014-09-10 19:36 ` Hugh Dickins
2014-09-11 2:43 ` Sasha Levin
2014-09-11 2:43 ` Sasha Levin
2014-09-11 11:39 ` Hugh Dickins
2014-09-11 11:39 ` Hugh Dickins
2014-09-11 14:22 ` Sasha Levin
2014-09-11 14:22 ` Sasha Levin
2014-09-11 14:33 ` Dave Jones
2014-09-11 14:33 ` Dave Jones
2014-09-11 16:28 ` Mel Gorman
2014-09-11 16:28 ` Mel Gorman
2014-09-11 22:38 ` Sasha Levin
2014-09-11 22:38 ` Sasha Levin
2014-09-17 21:37 ` Sasha Levin
2014-09-17 21:37 ` Sasha Levin
2014-09-10 13:12 ` Sasha Levin
2014-09-10 13:12 ` Sasha Levin
2014-09-10 13:40 ` Mel Gorman
2014-09-10 13:40 ` Mel Gorman
2014-09-10 16:44 ` Sasha Levin [this message]
2014-09-10 16:44 ` Sasha Levin
2014-09-10 19:09 ` Hugh Dickins
2014-09-10 19:09 ` Hugh Dickins
2014-09-10 20:36 ` Sasha Levin
2014-09-10 20:36 ` Sasha Levin
2014-09-10 23:00 ` Hugh Dickins
2014-09-10 23:00 ` Hugh Dickins
2014-08-06 10:35 ` Mel Gorman
2014-08-06 10:35 ` Mel Gorman
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 7:14 ` Aneesh Kumar K.V
2014-08-06 10:23 ` Mel Gorman
2014-08-06 10:23 ` Mel Gorman
2014-08-06 10:23 ` Mel Gorman
2014-08-07 8:40 ` Aneesh Kumar K.V
2014-08-07 8:40 ` Aneesh Kumar K.V
2014-08-07 8:40 ` Aneesh Kumar K.V
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54107FD3.90300@oracle.com \
--to=sasha.levin@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=davej@redhat.com \
--cc=gorcunov@gmail.com \
--cc=hannes@cmpxchg.org \
--cc=hughd@google.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mgorman@suse.de \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.