All of lore.kernel.org
 help / color / mirror / Atom feed
From: John Hubbard <jhubbard@nvidia.com>
To: Minchan Kim <minchan@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	Mike Kravetz <mike.kravetz@oracle.com>,
	syzbot <syzbot+acf65ca584991f3cc447@syzkaller.appspotmail.com>,
	linux-kernel@vger.kernel.org, linux-mm@kvack.org,
	llvm@lists.linux.dev, nathan@kernel.org, ndesaulniers@google.com,
	syzkaller-bugs@googlegroups.com, trix@redhat.com,
	Matthew Wilcox <willy@infradead.org>,
	Stephen Rothwell <sfr@canb.auug.org.au>,
	David Hildenbrand <david@redhat.com>
Subject: Re: [syzbot] WARNING in follow_hugetlb_page
Date: Fri, 13 May 2022 18:16:46 -0700	[thread overview]
Message-ID: <1c6405b0-271e-22b8-961e-629a2a8bbcf0@nvidia.com> (raw)
In-Reply-To: <d97d8a00-e9e0-278f-0c3f-71162afa48b1@nvidia.com>

On 5/13/22 17:56, John Hubbard wrote:
> On 5/13/22 17:26, Minchan Kim wrote:
>> Anything else further can we get insight from the warning?
>>
>> For example, pin_user_pages going on against a hugetlb page
>> which are concurrently running alloc_contig_range(it's
>> exported function so anyone can call randomly) so
>> alloc_contig_range changes pageblock type as MIGRATE_ISOLATE
>> under us so the hit at the warning?
> 
> Well, yes. First of all, the comments above the warning that fired have
> gone a little bit stale: they claim that we can only hit the warning if
> the page refcount overflows. However, we almost certainly got here via:
> 
> try_grab_folio()
>      /*
>       * Can't do FOLL_LONGTERM + FOLL_PIN gup fast path if not in a
>       * right zone, so fail and let the caller fall back to the slow
>       * path.
>       */
>      if (unlikely((flags & FOLL_LONGTERM) &&
>               !is_pinnable_page(page))) /* which we just changed */

Specifically, the recent patch effectively acted as an error injection
test, by forcing is_pinnable_page() to always return true (if CONFIG_CMA
is defined). Because: MIGRATE_CMA|MIGRATE_ISOLATE == 7, which will match
any of the MIGRATE_* enums when checked with bitwise AND.

I suspect this particular error path has not been exercised much, or if
it has, not reported here anyway. Until now.


thanks,
-- 
John Hubbard
NVIDIA

  reply	other threads:[~2022-05-14  1:16 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-13  9:03 [syzbot] WARNING in follow_hugetlb_page syzbot
2022-05-13 16:43 ` syzbot
2022-05-13 17:26   ` Andrew Morton
2022-05-13 18:09     ` Mike Kravetz
2022-05-13 22:48       ` Mike Kravetz
2022-05-13 23:19         ` Andrew Morton
2022-05-13 23:54           ` Minchan Kim
2022-05-14  0:09             ` John Hubbard
2022-05-14  0:26               ` Minchan Kim
2022-05-14  0:56                 ` John Hubbard
2022-05-14  1:16                   ` John Hubbard [this message]
2022-05-17  3:37                   ` Mike Kravetz
2022-05-18  7:12                     ` John Hubbard
2022-05-20 22:19                     ` Minchan Kim
2022-05-20 22:56                       ` John Hubbard
2022-05-20 23:25                         ` Minchan Kim
2022-05-20 23:31                         ` Mike Kravetz
2022-05-20 23:43                           ` Minchan Kim
2022-05-21  0:04                             ` Mike Kravetz
2022-05-21 15:24                               ` Minchan Kim
2022-05-21 15:51                                 ` David Hildenbrand
2022-05-21 16:36                                   ` Minchan Kim
2022-05-21 16:46                                     ` David Hildenbrand
2022-05-21 18:25                                       ` Minchan Kim
2022-05-21 23:50                                         ` Mike Kravetz
2022-05-14  0:18             ` Andrew Morton

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1c6405b0-271e-22b8-961e-629a2a8bbcf0@nvidia.com \
    --to=jhubbard@nvidia.com \
    --cc=akpm@linux-foundation.org \
    --cc=david@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=llvm@lists.linux.dev \
    --cc=mike.kravetz@oracle.com \
    --cc=minchan@kernel.org \
    --cc=nathan@kernel.org \
    --cc=ndesaulniers@google.com \
    --cc=sfr@canb.auug.org.au \
    --cc=syzbot+acf65ca584991f3cc447@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=trix@redhat.com \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.