From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-8.8 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id C15BFC433ED for ; Tue, 27 Apr 2021 06:23:50 +0000 (UTC) Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.kernel.org (Postfix) with ESMTP id 2F788610FB for ; Tue, 27 Apr 2021 06:23:50 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 2F788610FB Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix) id 502606B0036; Tue, 27 Apr 2021 02:23:49 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 4B2C66B006E; Tue, 27 Apr 2021 02:23:49 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 32BF66B0070; Tue, 27 Apr 2021 02:23:49 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0004.hostedemail.com [216.40.44.4]) by kanga.kvack.org (Postfix) with ESMTP id 0F1C96B0036 for ; Tue, 27 Apr 2021 02:23:49 -0400 (EDT) Received: from smtpin03.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay05.hostedemail.com (Postfix) with ESMTP id AF114181AF5CA for ; Tue, 27 Apr 2021 06:23:48 +0000 (UTC) X-FDA: 78077156136.03.D21BFCC Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by imf20.hostedemail.com (Postfix) with ESMTP id 4BB81135 for ; Tue, 27 Apr 2021 06:23:39 +0000 (UTC) Received: by mail.kernel.org (Postfix) with ESMTPSA id 33D3E61078; Tue, 27 Apr 2021 06:23:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1619504627; bh=H9mfZaoUPbytKzo1CW7LGc6AgxaokoTvu4RSbW88iuo=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Iid/tTwf4KJufGwuAGjdYmbKELRkkNMignQ1yf3EzeeVLbZ+sPQHbsYhh/YiRgybI SZdf5eJS2kj7HIqs2NYixO+T7GjaRrlPBqbBJJIneOs3JheGGMvn3Zkn89xamDUBLT X/uKSiMzjWFAVzxp5cPlXa+iTOjDmrbLYG9pcyWUbbiHjznoqqV+am2w7kKGkzH0ZD xnRsf6u617oysA3/X0m0jgHee8OaJYA8FJJwAQ2I0fG8/VWNV+RSczev3nAVs2DVvX rqkxcbR6KmHWwGBkyFs+vKHN1YqPNpYtmYr2rktde982ADOgrlIYmg4j9tBPILeafv 7QYFjSkYtvIlg== Date: Tue, 27 Apr 2021 09:23:33 +0300 From: Mike Rapoport To: Kefeng Wang Cc: linux-arm-kernel@lists.infradead.org, Andrew Morton , Anshuman Khandual , Ard Biesheuvel , Catalin Marinas , David Hildenbrand , Marc Zyngier , Mark Rutland , Mike Rapoport , Will Deacon , kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org, linux-mm@kvack.org Subject: Re: arm32: panic in move_freepages (Was [PATCH v2 0/4] arm64: drop pfn_valid_within() and simplify pfn_valid()) Message-ID: References: <20210421065108.1987-1-rppt@kernel.org> <9aa68d26-d736-3b75-4828-f148964eb7f0@huawei.com> <33fa74c2-f32d-f224-eb30-acdb717179ff@huawei.com> <2a1592ad-bc9d-4664-fd19-f7448a37edc0@huawei.com> <52f7d03b-7219-46bc-c62d-b976bc31ebd5@huawei.com> <2d879629-3059-fd42-428f-4b7c2a73d698@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <2d879629-3059-fd42-428f-4b7c2a73d698@huawei.com> X-Stat-Signature: qfp1zpowadwfz8p7nzdszqq7t9rkh7os X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 4BB81135 Received-SPF: none (kernel.org>: No applicable sender policy available) receiver=imf20; identity=mailfrom; envelope-from=""; helo=mail.kernel.org; client-ip=198.145.29.99 X-HE-DKIM-Result: pass/pass X-HE-Tag: 1619504619-238183 Content-Transfer-Encoding: quoted-printable X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Mon, Apr 26, 2021 at 11:26:38PM +0800, Kefeng Wang wrote: >=20 > On 2021/4/26 13:20, Mike Rapoport wrote: > > On Sun, Apr 25, 2021 at 03:51:56PM +0800, Kefeng Wang wrote: > > > On 2021/4/25 15:19, Mike Rapoport wrote: > > >=20 > > > On Fri, Apr 23, 2021 at 04:11:16PM +0800, Kefeng Wang wrote: > > >=20 > > > I tested this patchset(plus arm32 change, like arm64 does) > > > based on lts 5.10=EF=BC=8Cadd some debug log, the useful i= nfo shows > > > below, if we enable HOLES_IN_ZONE, no panic, any idea, > > > thanks. > > >=20 > > > Are there any changes on top of 5.10 except for pfn_valid() pa= tch? > > > Do you see this panic on 5.10 without the changes? > > >=20 > > > Yes, there are some BSP support for arm board based on 5.10, Is it possible to test 5.12? > > > with or without your patch will get same panic, the panic pfn=3Dde6= 00 > > > in the range of [dcc00,de00] which is freed by free_memmap, start_p= fn > > > =3D dcc00,=C2=A0 dcc00000 end_pfn =3D de700, de700000 > > >=20 > > > we see the PC is at PageLRU, same reason like arm64 panic log, > > >=20 > > > "PageBuddy in move_freepages returns false > > > Then we call PageLRU, the macro calls PF_HEAD which is compoun= d_page() > > > compound_page reads page->compound_head, it is 0xfffffffffffff= fff, so it > > > resturns 0xfffffffffffffffe - and accessing this address cause= s crash" > > >=20 > > > Can you see stack backtrace beyond move_freepages_block? > > >=20 > > > I do some oom test, so the log is about memory allocate, > > >=20 > > > [] (move_freepages_block) from [] > > > (steal_suitable_fallback+0x174/0x1f4) > > >=20 > > > [] (steal_suitable_fallback) from [] (get_page_= from_freelist+0x490/0x9a4) > > > > Hmm, this is called with a page from free list, having a page from a = freed > > part of the memory map passed to steal_suitable_fallback() means that= there > > is an issue with creation of the free list. > >=20 > > Can you please add "memblock=3Ddebug" to the kernel command line and = post the > > log? >=20 > Here is the log, >=20 > CPU: ARMv7 Processor [413fc090] revision 0 (ARMv7), cr=3D1ac5387d >=20 > CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cach= e > OF: fdt: Machine model: HISI-CA9 > memblock_add: [0x80a00000-0x855fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0x86a00000-0x87dfffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0x8bd00000-0x8c4fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0x8e300000-0x8ecfffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0x90d00000-0xbfffffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xcc000000-0xdc9fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xe0800000-0xe0bfffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xf5300000-0xf5bfffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xf5c00000-0xf6ffffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xfe100000-0xfebfffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xfec00000-0xffffffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xde700000-0xde9fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xf4b00000-0xf52fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_add: [0xfda00000-0xfe0fffff] early_init_dt_scan_memory+0x11c/0= x188 > memblock_reserve: [0x80a01000-0x80a02d2e] setup_arch+0x68/0x5c4 > Malformed early option 'vecpage_wrprotect' > Memory policy: Data cache writealloc > memblock_reserve: [0x80b00000-0x812e8057] arm_memblock_init+0x34/0x14c > memblock_reserve: [0x83000000-0x84ffffff] arm_memblock_init+0x100/0x14c > memblock_reserve: [0x80a04000-0x80a07fff] arm_memblock_init+0xa0/0x14c > memblock_reserve: [0x80a00000-0x80a02fff] hisi_mem_reserve+0x14/0x30 > MEMBLOCK configuration: > =C2=A0memory size =3D 0x4c0fffff reserved size =3D 0x027ef058 > =C2=A0memory.cnt=C2=A0 =3D 0xa > =C2=A0memory[0x0]=C2=A0=C2=A0=C2=A0 [0x80a00000-0x855fffff], 0x04c00000= bytes flags: 0x0 > =C2=A0memory[0x1]=C2=A0=C2=A0=C2=A0 [0x86a00000-0x87dfffff], 0x01400000= bytes flags: 0x0 > =C2=A0memory[0x2]=C2=A0=C2=A0=C2=A0 [0x8bd00000-0x8c4fffff], 0x00800000= bytes flags: 0x0 > =C2=A0memory[0x3]=C2=A0=C2=A0=C2=A0 [0x8e300000-0x8ecfffff], 0x00a00000= bytes flags: 0x0 > =C2=A0memory[0x4]=C2=A0=C2=A0=C2=A0 [0x90d00000-0xbfffffff], 0x2f300000= bytes flags: 0x0 > =C2=A0memory[0x5]=C2=A0=C2=A0=C2=A0 [0xcc000000-0xdc9fffff], 0x10a00000= bytes flags: 0x0 > =C2=A0memory[0x6]=C2=A0=C2=A0=C2=A0 [0xde700000-0xde9fffff], 0x00300000= bytes flags: 0x0 > =C2=A0memory[0x7]=C2=A0=C2=A0=C2=A0 [0xe0800000-0xe0bfffff], 0x00400000= bytes flags: 0x0 > =C2=A0memory[0x8]=C2=A0=C2=A0=C2=A0 [0xf4b00000-0xf6ffffff], 0x02500000= bytes flags: 0x0 > =C2=A0memory[0x9]=C2=A0=C2=A0=C2=A0 [0xfda00000-0xfffffffe], 0x025fffff= bytes flags: 0x0 > =C2=A0reserved.cnt=C2=A0 =3D 0x4 > =C2=A0reserved[0x0]=C2=A0=C2=A0=C2=A0 [0x80a00000-0x80a02fff], 0x000030= 00 bytes flags: 0x0 > =C2=A0reserved[0x1]=C2=A0=C2=A0=C2=A0 [0x80a04000-0x80a07fff], 0x000040= 00 bytes flags: 0x0 > =C2=A0reserved[0x2]=C2=A0=C2=A0=C2=A0 [0x80b00000-0x812e8057], 0x007e80= 58 bytes flags: 0x0 > =C2=A0reserved[0x3]=C2=A0=C2=A0=C2=A0 [0x83000000-0x84ffffff], 0x020000= 00 bytes flags: 0x0 ... > Zone ranges: > =C2=A0 Normal=C2=A0=C2=A0 [mem 0x0000000080a00000-0x00000000b01fffff] > =C2=A0 HighMem=C2=A0 [mem 0x00000000b0200000-0x00000000ffffefff] > Movable zone start for each node > Early memory node ranges > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000080a00000-0x00000000855fffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000086a00000-0x0000000087dfffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x000000008bd00000-0x000000008c4fffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x000000008e300000-0x000000008ecfffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000090d00000-0x00000000bfffffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000cc000000-0x00000000dc9fffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000de700000-0x00000000de9fffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000e0800000-0x00000000e0bfffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000f4b00000-0x00000000f6ffffff] > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000fda00000-0x00000000ffffefff] > Zeroed struct page in unavailable ranges: 513 pages > Initmem setup node 0 [mem 0x0000000080a00000-0x00000000ffffefff] > On node 0 totalpages: 311551 > =C2=A0 Normal zone: 1230 pages used for memmap > =C2=A0 Normal zone: 0 pages reserved > =C2=A0 Normal zone: 157440 pages, LIFO batch:31 > =C2=A0 HighMem zone: 154111 pages, LIFO batch:31 AFAICT the range [de600000, de7ff000] should not be added to the free lists. Can you try with the below patch: diff --git a/mm/memblock.c b/mm/memblock.c index afaefa8fc6ab..7f3c33d53f87 100644 --- a/mm/memblock.c +++ b/mm/memblock.c @@ -1994,6 +1994,8 @@ static unsigned long __init __free_memory_core(phys= _addr_t start, unsigned long end_pfn =3D min_t(unsigned long, PFN_DOWN(end), max_low_pfn); =20 + pr_info("%s: range: %pa - %pa, pfn: %lx - %lx\n", __func__, &start, &en= d, start_pfn, end_pfn); + if (start_pfn >=3D end_pfn) return 0; =20 =20 > > > [] (get_page_from_freelist) from [] (__alloc_pa= ges_nodemask+0x188/0xc08) > > > [] (__alloc_pages_nodemask) from [] (alloc_zero= ed_user_highpage_movable+0x14/0x3c) > > > [] (alloc_zeroed_user_highpage_movable) from []= (handle_mm_fault+0x254/0xac8) > > > [] (handle_mm_fault) from [] (do_page_fault+0x2= 28/0x2f4) > > > [] (do_page_fault) from [] (do_DataAbort+0x48/0= xd0) > > > [] (do_DataAbort) from [] (__dabt_usr+0x40/0x60= ) > > >=20 > > > Zone ranges: > > > =C2=A0 Normal=C2=A0=C2=A0 [mem 0x0000000080a00000-0x000000= 00b01fffff] > > > =C2=A0 HighMem=C2=A0 [mem 0x00000000b0200000-0x00000000fff= fefff] > > > Movable zone start for each node > > > Early memory node ranges > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000080a00000-0x00000= 000855fffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000086a00000-0x00000= 00087dfffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x000000008bd00000-0x00000= 0008c4fffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x000000008e300000-0x00000= 0008ecfffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x0000000090d00000-0x00000= 000bfffffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000cc000000-0x00000= 000dc9fffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000de700000-0x00000= 000de9fffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000e0800000-0x00000= 000e0bfffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000f4b00000-0x00000= 000f6ffffff] > > > =C2=A0 node=C2=A0=C2=A0 0: [mem 0x00000000fda00000-0x00000= 000ffffefff] > > >=20 > > > ----> free_memmap, start_pfn =3D 85800,=C2=A0 85800000 end= _pfn =3D 86a00, 86a00000 > > > ----> free_memmap, start_pfn =3D 8c800,=C2=A0 8c800000 end= _pfn =3D 8e300, 8e300000 > > > ----> free_memmap, start_pfn =3D 8f000,=C2=A0 8f000000 end= _pfn =3D 90000, 90000000 > > > ----> free_memmap, start_pfn =3D dcc00,=C2=A0 dcc00000 end= _pfn =3D de700, de700000 > > > ----> free_memmap, start_pfn =3D dec00,=C2=A0 dec00000 end= _pfn =3D e0000, e0000000 > > > ----> free_memmap, start_pfn =3D e0c00,=C2=A0 e0c00000 end= _pfn =3D e4000, e4000000 > > > ----> free_memmap, start_pfn =3D f7000,=C2=A0 f7000000 end= _pfn =3D f8000, f8000000 > > > =3D=3D=3D >move_freepages: start_pfn/end_pfn [de601, de7ff= ], [de600000, de7ff000] > > > :=C2=A0 pfn =3Dde600 pfn2phy =3D de600000 , page =3D ef3cc= 000, page-flags =3D ffffffff > > > 8<--- cut here --- > > > Unable to handle kernel paging request at virtual address = fffffffe > > > pgd =3D 5dd50df5 > > > [fffffffe] *pgd=3Daffff861, *pte=3D00000000, *ppte=3D00000= 000 > > > Internal error: Oops: 37 [#1] SMP ARM > > > Modules linked in: gmac(O) > > > CPU: 2 PID: 635 Comm: test-oom Tainted: G=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 O=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= 5.10.0+ #31 > > > Hardware name: Hisilicon A9 > > > PC is at move_freepages_block+0x150/0x278 > > > LR is at move_freepages_block+0x150/0x278 > > > pc : []=C2=A0=C2=A0=C2=A0 lr : []=C2=A0= =C2=A0=C2=A0 psr: 200e0393 > > > sp : c4179cf8=C2=A0 ip : 00000000=C2=A0 fp : 00000001 > > > r10: c4179d58=C2=A0 r9 : 000de7ff=C2=A0 r8 : 00000000 > > > r7 : c0863280=C2=A0 r6 : 000de600=C2=A0 r5 : 000de600=C2=A0= r4 : ef3cc000 > > > r3 : ffffffff=C2=A0 r2 : 00000000=C2=A0 r1 : ef5d069c=C2=A0= r0 : fffffffe > > > Flags: nzCv=C2=A0 IRQs off=C2=A0 FIQs on=C2=A0 Mode SVC_32= =C2=A0 ISA ARM=C2=A0 Segment user > > > Control: 1ac5387d=C2=A0 Table: 83b0c04a=C2=A0 DAC: 5555555= 5 > > > Process test-oom (pid: 635, stack limit =3D 0x25d667df) > > >=20 > > >=20 --=20 Sincerely yours, Mike.