From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id AF8D7C83F33 for ; Tue, 5 Sep 2023 13:15:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 118BC8D0005; Tue, 5 Sep 2023 09:15:25 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 0A1888D0001; Tue, 5 Sep 2023 09:15:25 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id EAAA78D0005; Tue, 5 Sep 2023 09:15:24 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id D72D38D0001 for ; Tue, 5 Sep 2023 09:15:24 -0400 (EDT) Received: from smtpin28.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id A0A5A16081D for ; Tue, 5 Sep 2023 13:15:24 +0000 (UTC) X-FDA: 81202590168.28.03983E9 Received: from casper.infradead.org (casper.infradead.org [90.155.50.34]) by imf22.hostedemail.com (Postfix) with ESMTP id 40A5FC001D for ; Tue, 5 Sep 2023 13:15:21 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=d7FlQTkB; dmarc=none; spf=none (imf22.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1693919723; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=qKC+dtHqGJukqJD5S+Yq5CZYPRk0rGrbPBEq7IsMBbg=; b=llxujdVG1GEgVYiRVqJTFhy4NmZnWhfAp0jIsi62Pe3JaqcIGZHveWrWiDqo1psqX0pjUi p4Emwn04roFObGVKgwC6qqBY0EYTOD375R3ix7dIKZvEAZJEEn+pQVpBV+I26Ubcfadyl+ kMjdzyl83ZgZab6+Au19ufJx1UDXdDQ= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=d7FlQTkB; dmarc=none; spf=none (imf22.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1693919723; a=rsa-sha256; cv=none; b=Bzg8wx4EPGIrY34dxv3sSzs5YJQ+yK6+rxpnLqcc5hnaqDSB2u/SnNfR4dqqtzJzXhHJWc bgjoKv8eKFeNiBuj9R9q62GGeCBeInQr3glX07PPNO5X2imKpgmxZX+Z33iwiGa8fy7qC1 Y0rL6X+46cb6dyd8Ft2hZR1U7GnUwDc= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=qKC+dtHqGJukqJD5S+Yq5CZYPRk0rGrbPBEq7IsMBbg=; b=d7FlQTkB9hMaev2I7racbbnSY8 7EA0yBzgvNDyJzx0OA7EuXHmhmi30ZNTcLBypWwlO3TvrLndG6RpBtQKlSk2hFVXAKZTrcxP4YCk9 Rc8uTgVgCqJmtwi4Ktocxz5yP7cYQeJeRXAGtMc9CWz4HecKcwzVztLEidWtXUlAYqwVJJEnT4w6R xRsOb6iebKIvJCcyUtHPZe7FKASnPN7RWJ1O49qLwF65OrqQg1r/cY2RztcWPOIX6PQRaFAF9DDR+ ZRVK7WFPi6CfGixsaV8ysDkJm70obTb28Xf1jVdbY8xLxTfx3xr/pfZyAm4qvISBigaQWZ1pZp8ny MV6GHTOQ==; Received: from willy by casper.infradead.org with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1qdVtn-009y0I-Nh; Tue, 05 Sep 2023 13:15:19 +0000 Date: Tue, 5 Sep 2023 14:15:19 +0100 From: Matthew Wilcox To: Ryan Roberts Cc: linux-mm@kvack.org Subject: Re: [RFC PATCH 00/14] Rearrange batched folio freeing Message-ID: References: <20230825135918.4164671-1-willy@infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 40A5FC001D X-Rspam-User: X-Rspamd-Server: rspam04 X-Stat-Signature: yb9m5sqdgf1z8k616d9hf6r939o7b94w X-HE-Tag: 1693919721-899120 X-HE-Meta: U2FsdGVkX1/zLT9HOXLQYlfL3h6C365NIRwMqqWgcFwpvOIl85tHT8P06fmi307DQV2NuOVjXkS5VX4prATm7TvhDyn1mO+Viga/zAZBSBZCbyeijq2vTc2lzjg6XPe7nsx/8rEuEVJI/zAr5FggzKzGELQOcv6iJBsa3wlx9ieP8MQQCZw0cBUb8P0adxzMxWYxrZtFMOI8nRYI+44T52IM6FLAt+LWISWE0t9+dwQr4uKmi1Nr4k0H7dIOu2PX7ZGe1dZTAtgasGgr+GmDiU2cgLpD8lqnLuS6BwwlX6qH+33GFXe9k6XOfXgdcIPAo9A6Vmn5wme975J5RzKDN/dtzg2/6pOfClaulo/WaJ6MRSva++NpYwLMlWx6faMEToSVZTEzEpOhL3KE2WM4OCJISWopvMClFqNNaJRrbZTvsXPJOqeJGgGxPJH/Xxz1TMARvY/srImhiXGRYf9AGT38LaHgMYx2AuPWEJM24EzVLDcx79tVSgzaNeXAb609E8TcjiIfYRyOiBxpu05HwU5IDdueYbzmBpwaBMy1zNtDvHBZp/FRf0e/B+G2dSvhbC5vRwUd41vGdh6b3hQxU1rpbug54+gOupa4Wg5uRVOTBaBl5G5qFCjdc8C8ziQRMaV8m27oGt5xzVl1AvgHmry0U4OvbPIIuU4Ww4YB47hIfK4TE1vJ64vUdH1nV2rMBy31mp2en/isZX2JqMdmljcyDs718KTYFGIshiYDY51fJgaOlbtJek8OzQZPQjJ5Orwx938cLyJiUE81e1OtShUZ6DZgxVtLPr/MSgV9F4fS9YOZs5rZuvjtM9w62FfahJMY0hD2IWgIZ0fQZTmJV1Xt6qWTeLJaQu24bGDaf9YCLtWKbW4mr3PKLqBQ6Au+zMDe9F6a9dwXG1O1gg3SEHM7rSHDSowSBdobI+V//Rl73L07FMpPtPh7dGFnvCXb0Hko6eufCUEjcsaBRmS S1L+gF4I BoOryyUytahJFkvIkvttTxnBIX78sWrKpoaO2qGEQlH7kPDE5sTsJ4PMtPQIeep2MrjLN+pjoxKb0tFqD3BEghOyzoDGk5jsvLOCEC6nPTlVvvwXXNTkdlBLiN8fOEelROZVq X-Bogosity: Ham, tests=bogofilter, spamicity=0.000003, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Sep 04, 2023 at 02:25:41PM +0100, Ryan Roberts wrote: > I've been doing some benchmarking of this series, as promised, but have hit an oops. It doesn't appear to be easily reproducible, and I'm struggling to figure out the root cause, so thought I would share in case you have any ideas? I didn't hit that with my testing. Admittedly I was using xfs rather than ext4, but ... > UBSAN: array-index-out-of-bounds in mm/page_alloc.c:668:46 > index 10283 is out of range for type 'list_head [6]' > pstate: 004000c9 (nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) > pc : free_pcppages_bulk+0x330/0x7f8 > lr : free_pcppages_bulk+0x7a8/0x7f8 > sp : ffff8000aeef3680 > x29: ffff8000aeef3680 x28: 000000000000282b x27: 00000000000000fc > x26: 000000008015a39a x25: ffff08181ef9e840 x24: ffff0818836caf80 > x23: 0000000000000001 x22: 0000000000000000 x21: ffff08181ef9e850 > x20: fffffc200368e680 x19: fffffc200368e6c0 x18: 0000000000000000 > x17: 3d3d3d3d3d3d3d3d x16: 3d3d3d3d3d3d3d3d x15: 3d3d3d3d3d3d3d3d > x14: 3d3d3d3d3d3d3d3d x13: 3d3d3d3d3d3d3d3d x12: 3d3d3d3d3d3d3d3d > x11: 3d3d3d3d3d3d3d3d x10: 3d3d3d3d3d3d3d3d x9 : fffffc200368e688 > x8 : fffffc200368e680 x7 : 205d343737333639 x6 : ffff08181dee0000 > x5 : ffff0818836caf80 x4 : 0000000000000000 x3 : 0000000000000001 > x2 : ffff0818836f3330 x1 : ffff0818836f3230 x0 : 006808190c066707 > Call trace: > free_pcppages_bulk+0x330/0x7f8 > free_unref_page_commit+0x15c/0x250 > free_unref_folios+0x37c/0x4a8 > release_unref_folios+0xac/0xf8 > folios_put+0xe0/0x1f0 > __folio_batch_release+0x34/0x88 > truncate_inode_pages_range+0x160/0x540 > truncate_inode_pages_final+0x58/0x90 > ext4_evict_inode+0x164/0x900 > evict+0xac/0x160 > iput+0x170/0x228 > do_unlinkat+0x1d0/0x290 > __arm64_sys_unlinkat+0x48/0x98 > > UBSAN is complaining about migratetype being out of range here: > > /* Used for pages not on another list */ > static inline void add_to_free_list(struct page *page, struct zone *zone, > unsigned int order, int migratetype) > { > struct free_area *area = &zone->free_area[order]; > > list_add(&page->buddy_list, &area->free_list[migratetype]); > area->nr_free++; > } > > And I think that is called from __free_one_page(), which is called > from free_pcppages_bulk() at the top of the stack trace. migratetype > originates from get_pcppage_migratetype(page), which is page->index. But > I can't see where this might be getting corrupted, or how yours or my > changes could affect this. Agreed with your analysis. My best guess is that page->index still contains the file index from when this page was in the page cache instead of being overwritten with the migratetype. This is ext4, so large folios aren't in use. I'll look more later, but I don't immediately see the problem.