From: Mel Gorman <mgorman@techsingularity.net>
To: Qian Cai <cai@lca.pw>
Cc: akpm@linux-foundation.org, daniel.m.jordan@oracle.com,
mikhail.v.gavrilov@gmail.com, vbabka@suse.cz,
pasha.tatashin@soleen.com, linux-mm@kvack.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] mm/compaction: abort search if isolation fails
Date: Thu, 21 Mar 2019 17:14:53 +0000 [thread overview]
Message-ID: <20190321171453.GE3189@techsingularity.net> (raw)
In-Reply-To: <20190320192648.52499-1-cai@lca.pw>
On Wed, Mar 20, 2019 at 03:26:48PM -0400, Qian Cai wrote:
> Running LTP oom01 in a tight loop or memory stress testing put the
> system in a low-memory situation could triggers random memory
> corruption like page flag corruption below due to in
> fast_isolate_freepages(), if isolation fails, next_search_order() does
> not abort the search immediately could lead to improper accesses.
>
> UBSAN: Undefined behaviour in ./include/linux/mm.h:1195:50
> index 7 is out of range for type 'zone [5]'
> Call Trace:
> dump_stack+0x62/0x9a
> ubsan_epilogue+0xd/0x7f
> __ubsan_handle_out_of_bounds+0x14d/0x192
> __isolate_free_page+0x52c/0x600
> compaction_alloc+0x886/0x25f0
> unmap_and_move+0x37/0x1e70
> migrate_pages+0x2ca/0xb20
> compact_zone+0x19cb/0x3620
> kcompactd_do_work+0x2df/0x680
> kcompactd+0x1d8/0x6c0
> kthread+0x32c/0x3f0
> ret_from_fork+0x35/0x40
> ------------[ cut here ]------------
> kernel BUG at mm/page_alloc.c:3124!
> invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN PTI
> RIP: 0010:__isolate_free_page+0x464/0x600
> RSP: 0000:ffff888b9e1af848 EFLAGS: 00010007
> RAX: 0000000030000000 RBX: ffff888c39fcf0f8 RCX: 0000000000000000
> RDX: 1ffff111873f9e25 RSI: 0000000000000004 RDI: ffffed1173c35ef6
> RBP: ffff888b9e1af898 R08: fffffbfff4fc2461 R09: fffffbfff4fc2460
> R10: fffffbfff4fc2460 R11: ffffffffa7e12303 R12: 0000000000000008
> R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000007
> FS: 0000000000000000(0000) GS:ffff888ba8e80000(0000)
> knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007fc7abc00000 CR3: 0000000752416004 CR4: 00000000001606a0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> Call Trace:
> compaction_alloc+0x886/0x25f0
> unmap_and_move+0x37/0x1e70
> migrate_pages+0x2ca/0xb20
> compact_zone+0x19cb/0x3620
> kcompactd_do_work+0x2df/0x680
> kcompactd+0x1d8/0x6c0
> kthread+0x32c/0x3f0
> ret_from_fork+0x35/0x40
>
> Fixes: dbe2d4e4f12e ("mm, compaction: round-robin the order while searching the free lists for a target")
> Signed-off-by: Qian Cai <cai@lca.pw>
Acked-by: Mel Gorman <mgorman@techsingularity.net>
--
Mel Gorman
SUSE Labs
prev parent reply other threads:[~2019-03-21 17:14 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-20 19:26 [PATCH v2] mm/compaction: abort search if isolation fails Qian Cai
2019-03-21 17:14 ` Mel Gorman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190321171453.GE3189@techsingularity.net \
--to=mgorman@techsingularity.net \
--cc=akpm@linux-foundation.org \
--cc=cai@lca.pw \
--cc=daniel.m.jordan@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mikhail.v.gavrilov@gmail.com \
--cc=pasha.tatashin@soleen.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.