| Message ID | 20240820143359.199-1-justinjiang@vivo.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | mm: vma remove the redundant avc binded with old folio | expand |
Hello,
kernel test robot noticed "WARNING:at_mm/rmap.c:#unlink_anon_vmas" on:
commit: ae307233d6efc18c3d6015b127b099450ca8588e ("[PATCH] mm: vma remove the redundant avc binded with old folio")
url: https://github.com/intel-lab-lkp/linux/commits/Zhiguo-Jiang/mm-vma-remove-the-redundant-avc-binded-with-old-folio/20240820-223531
base: https://git.kernel.org/cgit/linux/kernel/git/akpm/mm.git mm-everything
patch link: https://lore.kernel.org/all/20240820143359.199-1-justinjiang@vivo.com/
patch subject: [PATCH] mm: vma remove the redundant avc binded with old folio
in testcase: boot
compiler: gcc-12
test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G
(please refer to attached dmesg/kmsg for entire log/backtrace)
+----------------------------------------+------------+------------+
| | 75bee94793 | ae307233d6 |
+----------------------------------------+------------+------------+
| WARNING:at_mm/rmap.c:#unlink_anon_vmas | 0 | 6 |
| RIP:unlink_anon_vmas | 0 | 6 |
+----------------------------------------+------------+------------+
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <oliver.sang@intel.com>
| Closes: https://lore.kernel.org/oe-lkp/202408230938.43f55b4-lkp@intel.com
[ 36.655884][ T197] ------------[ cut here ]------------
[ 36.656843][ T197] WARNING: CPU: 1 PID: 197 at mm/rmap.c:443 unlink_anon_vmas (mm/rmap.c:443 (discriminator 1))
[ 36.658183][ T197] Modules linked in: sg ata_piix libata crc32_pclmul crc32c_intel scsi_mod polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 aesni_intel scsi_common cmdlinepart
[ 36.660508][ T197] CPU: 1 UID: 0 PID: 197 Comm: lkp-bootstrap Tainted: G T 6.11.0-rc3-00378-gae307233d6ef #1 5ff8330b382acbcd2719e520175822ac6c64d0eb
[ 36.662685][ T197] Tainted: [T]=RANDSTRUCT
[ 36.663288][ T197] RIP: 0010:unlink_anon_vmas (mm/rmap.c:443 (discriminator 1))
[ 36.668434][ T197] Code: 7f fe ff ff 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 c3 90 0f 0b 90 eb ad 90 <0f> 0b 90 eb 82 90 0f 0b 90 48 8d 7e 08 e8 2d a2 bf ff e9 ca fc ff
All code
========
0: 7f fe jg 0x0
2: ff (bad)
3: ff 48 83 decl -0x7d(%rax)
6: c4 (bad)
7: 28 5b 5d sub %bl,0x5d(%rbx)
a: 41 5c pop %r12
c: 41 5d pop %r13
e: 41 5e pop %r14
10: 41 5f pop %r15
12: 31 c0 xor %eax,%eax
14: 31 d2 xor %edx,%edx
16: 31 c9 xor %ecx,%ecx
18: 31 f6 xor %esi,%esi
1a: 31 ff xor %edi,%edi
1c: 45 31 c0 xor %r8d,%r8d
1f: 45 31 c9 xor %r9d,%r9d
22: c3 ret
23: 90 nop
24: 0f 0b ud2
26: 90 nop
27: eb ad jmp 0xffffffffffffffd6
29: 90 nop
2a:* 0f 0b ud2 <-- trapping instruction
2c: 90 nop
2d: eb 82 jmp 0xffffffffffffffb1
2f: 90 nop
30: 0f 0b ud2
32: 90 nop
33: 48 8d 7e 08 lea 0x8(%rsi),%rdi
37: e8 2d a2 bf ff call 0xffffffffffbfa269
3c: e9 .byte 0xe9
3d: ca fc ff lret $0xfffc
Code starting with the faulting instruction
===========================================
0: 0f 0b ud2
2: 90 nop
3: eb 82 jmp 0xffffffffffffff87
5: 90 nop
6: 0f 0b ud2
8: 90 nop
9: 48 8d 7e 08 lea 0x8(%rsi),%rdi
d: e8 2d a2 bf ff call 0xffffffffffbfa23f
12: e9 .byte 0xe9
13: ca fc ff lret $0xfffc
[ 36.671148][ T197] RSP: 0000:ffffc900019ffad8 EFLAGS: 00010202
[ 36.671931][ T197] RAX: 1ffff1102e73f0bf RBX: ffff888173c55ab0 RCX: 0000000000000000
[ 36.672880][ T197] RDX: 1ffff110241d68e2 RSI: 0000000000000000 RDI: ffff8881739f85f8
[ 36.673933][ T197] RBP: ffff888120eb4700 R08: 0000000000000000 R09: 0000000000000000
[ 36.675002][ T197] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881739f8550
[ 36.676082][ T197] R13: ffff888173c55aa0 R14: dffffc0000000000 R15: ffff888120eb4710
[ 36.677134][ T197] FS: 0000000000000000(0000) GS:ffff8883af300000(0000) knlGS:0000000000000000
[ 36.678328][ T197] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 36.679207][ T197] CR2: 000000005663e33c CR3: 000000012021c000 CR4: 00000000000406b0
[ 36.680251][ T197] Call Trace:
[ 36.680681][ T197] <TASK>
[ 36.681079][ T197] ? __warn (kernel/panic.c:735)
[ 36.681682][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1))
[ 36.682312][ T197] ? report_bug (lib/bug.c:180 lib/bug.c:219)
[ 36.682920][ T197] ? handle_bug (arch/x86/kernel/traps.c:239)
[ 36.683494][ T197] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1))
[ 36.684125][ T197] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)
[ 36.684804][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1))
[ 36.685501][ T197] ? unlink_anon_vmas (mm/rmap.c:400)
[ 36.686185][ T197] free_pgtables (mm/memory.c:410)
[ 36.686819][ T197] ? free_pgd_range (mm/memory.c:367)
[ 36.687466][ T197] ? preempt_count_add (include/linux/ftrace.h:976 kernel/sched/core.c:5634 kernel/sched/core.c:5659)
[ 36.688179][ T197] exit_mmap (mm/mmap.c:1934)
[ 36.688758][ T197] ? trace_contention_end (include/trace/events/lock.h:122 (discriminator 52))
[ 36.689496][ T197] ? do_vma_munmap (mm/mmap.c:1895)
[ 36.690125][ T197] ? __mutex_lock (arch/x86/include/asm/preempt.h:103 kernel/locking/mutex.c:618 kernel/locking/mutex.c:752)
[ 36.690779][ T197] ? __mutex_unlock_slowpath (arch/x86/include/asm/atomic64_64.h:101 include/linux/atomic/atomic-arch-fallback.h:4329 include/linux/atomic/atomic-long.h:1506 include/linux/atomic/atomic-instrumented.h:4481 kernel/locking/mutex.c:929)
[ 36.691585][ T197] __mmput (kernel/fork.c:1346)
[ 36.692143][ T197] exit_mm (kernel/exit.c:572)
[ 36.692699][ T197] do_exit (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 include/trace/events/sched.h:333 kernel/exit.c:930)
[ 36.693256][ T197] ? do_raw_spin_lock (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116)
[ 36.693947][ T197] ? stack_not_used (kernel/exit.c:878)
[ 36.694605][ T197] ? _raw_spin_unlock_irq (arch/x86/include/asm/irqflags.h:42 arch/x86/include/asm/irqflags.h:97 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:202)
[ 36.695304][ T197] do_group_exit (kernel/exit.c:1069)
[ 36.695908][ T197] __ia32_sys_exit_group (kernel/exit.c:1097)
[ 36.696561][ T197] ia32_sys_call (??:?)
[ 36.697142][ T197] do_int80_emulation (arch/x86/entry/common.c:165 arch/x86/entry/common.c:253)
[ 36.697852][ T197] asm_int80_emulation (arch/x86/include/asm/idtentry.h:626)
[ 36.698504][ T197] RIP: 0023:0xf7f03092
[ 36.699039][ T197] Code: Unable to access opcode bytes at 0xf7f03068.
Code starting with the faulting instruction
===========================================
[ 36.699967][ T197] RSP: 002b:00000000ffcfddd8 EFLAGS: 00000296 ORIG_RAX: 00000000000000fc
[ 36.701055][ T197] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000003323d2f
[ 36.702120][ T197] RDX: 00000000ffcfde00 RSI: 0000000056633734 RDI: 00000000f7ef8000
[ 36.703147][ T197] RBP: 00000000ffcfdef8 R08: 0000000000000000 R09: 0000000000000000
[ 36.704165][ T197] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 36.705185][ T197] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 36.706281][ T197] </TASK>
[ 36.706698][ T197] irq event stamp: 10051
[ 36.707257][ T197] hardirqs last enabled at (10059): console_unlock (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:87 arch/x86/include/asm/irqflags.h:147 kernel/printk/printk.c:341 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120)
[ 36.708455][ T197] hardirqs last disabled at (10066): console_unlock (kernel/printk/printk.c:339 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120)
[ 36.709660][ T197] softirqs last enabled at (10006): handle_softirqs (arch/x86/include/asm/preempt.h:26 kernel/softirq.c:401 kernel/softirq.c:582)
[ 36.710805][ T197] softirqs last disabled at (9997): irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 kernel/softirq.c:649)
[ 36.711941][ T197] ---[ end trace 0000000000000000 ]---
The kernel config and materials to reproduce are available at:
https://download.01.org/0day-ci/archive/20240823/202408230938.43f55b4-lkp@intel.com
在 2024/8/23 10:33, kernel test robot 写道: > [Some people who received this message don't often get email from oliver.sang@intel.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] > > Hello, > > kernel test robot noticed "WARNING:at_mm/rmap.c:#unlink_anon_vmas" on: > > commit: ae307233d6efc18c3d6015b127b099450ca8588e ("[PATCH] mm: vma remove the redundant avc binded with old folio") > url: https://github.com/intel-lab-lkp/linux/commits/Zhiguo-Jiang/mm-vma-remove-the-redundant-avc-binded-with-old-folio/20240820-223531 > base: https://git.kernel.org/cgit/linux/kernel/git/akpm/mm.git mm-everything > patch link: https://lore.kernel.org/all/20240820143359.199-1-justinjiang@vivo.com/ > patch subject: [PATCH] mm: vma remove the redundant avc binded with old folio > > in testcase: boot > > compiler: gcc-12 > test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 -m 16G > > (please refer to attached dmesg/kmsg for entire log/backtrace) > > > +----------------------------------------+------------+------------+ > | | 75bee94793 | ae307233d6 | > +----------------------------------------+------------+------------+ > | WARNING:at_mm/rmap.c:#unlink_anon_vmas | 0 | 6 | > | RIP:unlink_anon_vmas | 0 | 6 | > +----------------------------------------+------------+------------+ > > > If you fix the issue in a separate patch/commit (i.e. not just a new version of > the same patch/commit), kindly add following tags > | Reported-by: kernel test robot <oliver.sang@intel.com> > | Closes: https://lore.kernel.org/oe-lkp/202408230938.43f55b4-lkp@intel.com Fix the issue, please help to review again. https://lore.kernel.org/linux-mm/20240823140139.263-1-justinjiang@vivo.com/T/#u Thanks Zhiguo > > > [ 36.655884][ T197] ------------[ cut here ]------------ > [ 36.656843][ T197] WARNING: CPU: 1 PID: 197 at mm/rmap.c:443 unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) > [ 36.658183][ T197] Modules linked in: sg ata_piix libata crc32_pclmul crc32c_intel scsi_mod polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 aesni_intel scsi_common cmdlinepart > [ 36.660508][ T197] CPU: 1 UID: 0 PID: 197 Comm: lkp-bootstrap Tainted: G T 6.11.0-rc3-00378-gae307233d6ef #1 5ff8330b382acbcd2719e520175822ac6c64d0eb > [ 36.662685][ T197] Tainted: [T]=RANDSTRUCT > [ 36.663288][ T197] RIP: 0010:unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) > [ 36.668434][ T197] Code: 7f fe ff ff 48 83 c4 28 5b 5d 41 5c 41 5d 41 5e 41 5f 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 c3 90 0f 0b 90 eb ad 90 <0f> 0b 90 eb 82 90 0f 0b 90 48 8d 7e 08 e8 2d a2 bf ff e9 ca fc ff > All code > ======== > 0: 7f fe jg 0x0 > 2: ff (bad) > 3: ff 48 83 decl -0x7d(%rax) > 6: c4 (bad) > 7: 28 5b 5d sub %bl,0x5d(%rbx) > a: 41 5c pop %r12 > c: 41 5d pop %r13 > e: 41 5e pop %r14 > 10: 41 5f pop %r15 > 12: 31 c0 xor %eax,%eax > 14: 31 d2 xor %edx,%edx > 16: 31 c9 xor %ecx,%ecx > 18: 31 f6 xor %esi,%esi > 1a: 31 ff xor %edi,%edi > 1c: 45 31 c0 xor %r8d,%r8d > 1f: 45 31 c9 xor %r9d,%r9d > 22: c3 ret > 23: 90 nop > 24: 0f 0b ud2 > 26: 90 nop > 27: eb ad jmp 0xffffffffffffffd6 > 29: 90 nop > 2a:* 0f 0b ud2 <-- trapping instruction > 2c: 90 nop > 2d: eb 82 jmp 0xffffffffffffffb1 > 2f: 90 nop > 30: 0f 0b ud2 > 32: 90 nop > 33: 48 8d 7e 08 lea 0x8(%rsi),%rdi > 37: e8 2d a2 bf ff call 0xffffffffffbfa269 > 3c: e9 .byte 0xe9 > 3d: ca fc ff lret $0xfffc > > Code starting with the faulting instruction > =========================================== > 0: 0f 0b ud2 > 2: 90 nop > 3: eb 82 jmp 0xffffffffffffff87 > 5: 90 nop > 6: 0f 0b ud2 > 8: 90 nop > 9: 48 8d 7e 08 lea 0x8(%rsi),%rdi > d: e8 2d a2 bf ff call 0xffffffffffbfa23f > 12: e9 .byte 0xe9 > 13: ca fc ff lret $0xfffc > [ 36.671148][ T197] RSP: 0000:ffffc900019ffad8 EFLAGS: 00010202 > [ 36.671931][ T197] RAX: 1ffff1102e73f0bf RBX: ffff888173c55ab0 RCX: 0000000000000000 > [ 36.672880][ T197] RDX: 1ffff110241d68e2 RSI: 0000000000000000 RDI: ffff8881739f85f8 > [ 36.673933][ T197] RBP: ffff888120eb4700 R08: 0000000000000000 R09: 0000000000000000 > [ 36.675002][ T197] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881739f8550 > [ 36.676082][ T197] R13: ffff888173c55aa0 R14: dffffc0000000000 R15: ffff888120eb4710 > [ 36.677134][ T197] FS: 0000000000000000(0000) GS:ffff8883af300000(0000) knlGS:0000000000000000 > [ 36.678328][ T197] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 > [ 36.679207][ T197] CR2: 000000005663e33c CR3: 000000012021c000 CR4: 00000000000406b0 > [ 36.680251][ T197] Call Trace: > [ 36.680681][ T197] <TASK> > [ 36.681079][ T197] ? __warn (kernel/panic.c:735) > [ 36.681682][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) > [ 36.682312][ T197] ? report_bug (lib/bug.c:180 lib/bug.c:219) > [ 36.682920][ T197] ? handle_bug (arch/x86/kernel/traps.c:239) > [ 36.683494][ T197] ? exc_invalid_op (arch/x86/kernel/traps.c:260 (discriminator 1)) > [ 36.684125][ T197] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621) > [ 36.684804][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) > [ 36.685501][ T197] ? unlink_anon_vmas (mm/rmap.c:400) > [ 36.686185][ T197] free_pgtables (mm/memory.c:410) > [ 36.686819][ T197] ? free_pgd_range (mm/memory.c:367) > [ 36.687466][ T197] ? preempt_count_add (include/linux/ftrace.h:976 kernel/sched/core.c:5634 kernel/sched/core.c:5659) > [ 36.688179][ T197] exit_mmap (mm/mmap.c:1934) > [ 36.688758][ T197] ? trace_contention_end (include/trace/events/lock.h:122 (discriminator 52)) > [ 36.689496][ T197] ? do_vma_munmap (mm/mmap.c:1895) > [ 36.690125][ T197] ? __mutex_lock (arch/x86/include/asm/preempt.h:103 kernel/locking/mutex.c:618 kernel/locking/mutex.c:752) > [ 36.690779][ T197] ? __mutex_unlock_slowpath (arch/x86/include/asm/atomic64_64.h:101 include/linux/atomic/atomic-arch-fallback.h:4329 include/linux/atomic/atomic-long.h:1506 include/linux/atomic/atomic-instrumented.h:4481 kernel/locking/mutex.c:929) > [ 36.691585][ T197] __mmput (kernel/fork.c:1346) > [ 36.692143][ T197] exit_mm (kernel/exit.c:572) > [ 36.692699][ T197] do_exit (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:207 include/trace/events/sched.h:333 kernel/exit.c:930) > [ 36.693256][ T197] ? do_raw_spin_lock (arch/x86/include/asm/atomic.h:107 include/linux/atomic/atomic-arch-fallback.h:2170 include/linux/atomic/atomic-instrumented.h:1302 include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) > [ 36.693947][ T197] ? stack_not_used (kernel/exit.c:878) > [ 36.694605][ T197] ? _raw_spin_unlock_irq (arch/x86/include/asm/irqflags.h:42 arch/x86/include/asm/irqflags.h:97 include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:202) > [ 36.695304][ T197] do_group_exit (kernel/exit.c:1069) > [ 36.695908][ T197] __ia32_sys_exit_group (kernel/exit.c:1097) > [ 36.696561][ T197] ia32_sys_call (??:?) > [ 36.697142][ T197] do_int80_emulation (arch/x86/entry/common.c:165 arch/x86/entry/common.c:253) > [ 36.697852][ T197] asm_int80_emulation (arch/x86/include/asm/idtentry.h:626) > [ 36.698504][ T197] RIP: 0023:0xf7f03092 > [ 36.699039][ T197] Code: Unable to access opcode bytes at 0xf7f03068. > > Code starting with the faulting instruction > =========================================== > [ 36.699967][ T197] RSP: 002b:00000000ffcfddd8 EFLAGS: 00000296 ORIG_RAX: 00000000000000fc > [ 36.701055][ T197] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000003323d2f > [ 36.702120][ T197] RDX: 00000000ffcfde00 RSI: 0000000056633734 RDI: 00000000f7ef8000 > [ 36.703147][ T197] RBP: 00000000ffcfdef8 R08: 0000000000000000 R09: 0000000000000000 > [ 36.704165][ T197] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 > [ 36.705185][ T197] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 > [ 36.706281][ T197] </TASK> > [ 36.706698][ T197] irq event stamp: 10051 > [ 36.707257][ T197] hardirqs last enabled at (10059): console_unlock (arch/x86/include/asm/irqflags.h:26 arch/x86/include/asm/irqflags.h:87 arch/x86/include/asm/irqflags.h:147 kernel/printk/printk.c:341 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120) > [ 36.708455][ T197] hardirqs last disabled at (10066): console_unlock (kernel/printk/printk.c:339 kernel/printk/printk.c:2801 kernel/printk/printk.c:3120) > [ 36.709660][ T197] softirqs last enabled at (10006): handle_softirqs (arch/x86/include/asm/preempt.h:26 kernel/softirq.c:401 kernel/softirq.c:582) > [ 36.710805][ T197] softirqs last disabled at (9997): irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 kernel/softirq.c:649) > [ 36.711941][ T197] ---[ end trace 0000000000000000 ]--- > > > The kernel config and materials to reproduce are available at: > https://download.01.org/0day-ci/archive/20240823/202408230938.43f55b4-lkp@intel.com > > > > -- > 0-DAY CI Kernel Test Service > https://github.com/intel/lkp-tests/wiki >
在 2024/8/23 22:04, zhiguojiang 写道: > > > 在 2024/8/23 10:33, kernel test robot 写道: >> [Some people who received this message don't often get email from >> oliver.sang@intel.com. Learn why this is important at >> https://aka.ms/LearnAboutSenderIdentification ] >> >> Hello, >> >> kernel test robot noticed "WARNING:at_mm/rmap.c:#unlink_anon_vmas" on: >> >> commit: ae307233d6efc18c3d6015b127b099450ca8588e ("[PATCH] mm: vma >> remove the redundant avc binded with old folio") >> url: >> https://github.com/intel-lab-lkp/linux/commits/Zhiguo-Jiang/mm-vma-remove-the-redundant-avc-binded-with-old-folio/20240820-223531 >> base: https://git.kernel.org/cgit/linux/kernel/git/akpm/mm.git >> mm-everything >> patch link: >> https://lore.kernel.org/all/20240820143359.199-1-justinjiang@vivo.com/ >> patch subject: [PATCH] mm: vma remove the redundant avc binded with >> old folio >> >> in testcase: boot >> >> compiler: gcc-12 >> test machine: qemu-system-x86_64 -enable-kvm -cpu SandyBridge -smp 2 >> -m 16G >> >> (please refer to attached dmesg/kmsg for entire log/backtrace) >> >> >> +----------------------------------------+------------+------------+ >> | | 75bee94793 | ae307233d6 | >> +----------------------------------------+------------+------------+ >> | WARNING:at_mm/rmap.c:#unlink_anon_vmas | 0 | 6 | >> | RIP:unlink_anon_vmas | 0 | 6 | >> +----------------------------------------+------------+------------+ >> >> >> If you fix the issue in a separate patch/commit (i.e. not just a new >> version of >> the same patch/commit), kindly add following tags >> | Reported-by: kernel test robot <oliver.sang@intel.com> >> | Closes: >> https://lore.kernel.org/oe-lkp/202408230938.43f55b4-lkp@intel.com > Fix the issue, please help to review again. > https://lore.kernel.org/linux-mm/20240823140139.263-1-justinjiang@vivo.com/T/#u > Sorry, please help to review this patch. https://lore.kernel.org/linux-mm/20240823150206.565-1-justinjiang@vivo.com/T/#u Thanks Zhiguo > > Thanks > Zhiguo >> >> >> [ 36.655884][ T197] ------------[ cut here ]------------ >> [ 36.656843][ T197] WARNING: CPU: 1 PID: 197 at mm/rmap.c:443 >> unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) >> [ 36.658183][ T197] Modules linked in: sg ata_piix libata >> crc32_pclmul crc32c_intel scsi_mod polyval_clmulni polyval_generic >> ghash_clmulni_intel sha512_ssse3 aesni_intel scsi_common cmdlinepart >> [ 36.660508][ T197] CPU: 1 UID: 0 PID: 197 Comm: lkp-bootstrap >> Tainted: G T 6.11.0-rc3-00378-gae307233d6ef #1 >> 5ff8330b382acbcd2719e520175822ac6c64d0eb >> [ 36.662685][ T197] Tainted: [T]=RANDSTRUCT >> [ 36.663288][ T197] RIP: 0010:unlink_anon_vmas (mm/rmap.c:443 >> (discriminator 1)) >> [ 36.668434][ T197] Code: 7f fe ff ff 48 83 c4 28 5b 5d 41 5c 41 5d >> 41 5e 41 5f 31 c0 31 d2 31 c9 31 f6 31 ff 45 31 c0 45 31 c9 c3 90 0f >> 0b 90 eb ad 90 <0f> 0b 90 eb 82 90 0f 0b 90 48 8d 7e 08 e8 2d a2 bf >> ff e9 ca fc ff >> All code >> ======== >> 0: 7f fe jg 0x0 >> 2: ff (bad) >> 3: ff 48 83 decl -0x7d(%rax) >> 6: c4 (bad) >> 7: 28 5b 5d sub %bl,0x5d(%rbx) >> a: 41 5c pop %r12 >> c: 41 5d pop %r13 >> e: 41 5e pop %r14 >> 10: 41 5f pop %r15 >> 12: 31 c0 xor %eax,%eax >> 14: 31 d2 xor %edx,%edx >> 16: 31 c9 xor %ecx,%ecx >> 18: 31 f6 xor %esi,%esi >> 1a: 31 ff xor %edi,%edi >> 1c: 45 31 c0 xor %r8d,%r8d >> 1f: 45 31 c9 xor %r9d,%r9d >> 22: c3 ret >> 23: 90 nop >> 24: 0f 0b ud2 >> 26: 90 nop >> 27: eb ad jmp 0xffffffffffffffd6 >> 29: 90 nop >> 2a:* 0f 0b ud2 <-- trapping >> instruction >> 2c: 90 nop >> 2d: eb 82 jmp 0xffffffffffffffb1 >> 2f: 90 nop >> 30: 0f 0b ud2 >> 32: 90 nop >> 33: 48 8d 7e 08 lea 0x8(%rsi),%rdi >> 37: e8 2d a2 bf ff call 0xffffffffffbfa269 >> 3c: e9 .byte 0xe9 >> 3d: ca fc ff lret $0xfffc >> >> Code starting with the faulting instruction >> =========================================== >> 0: 0f 0b ud2 >> 2: 90 nop >> 3: eb 82 jmp 0xffffffffffffff87 >> 5: 90 nop >> 6: 0f 0b ud2 >> 8: 90 nop >> 9: 48 8d 7e 08 lea 0x8(%rsi),%rdi >> d: e8 2d a2 bf ff call 0xffffffffffbfa23f >> 12: e9 .byte 0xe9 >> 13: ca fc ff lret $0xfffc >> [ 36.671148][ T197] RSP: 0000:ffffc900019ffad8 EFLAGS: 00010202 >> [ 36.671931][ T197] RAX: 1ffff1102e73f0bf RBX: ffff888173c55ab0 >> RCX: 0000000000000000 >> [ 36.672880][ T197] RDX: 1ffff110241d68e2 RSI: 0000000000000000 >> RDI: ffff8881739f85f8 >> [ 36.673933][ T197] RBP: ffff888120eb4700 R08: 0000000000000000 >> R09: 0000000000000000 >> [ 36.675002][ T197] R10: 0000000000000000 R11: 0000000000000000 >> R12: ffff8881739f8550 >> [ 36.676082][ T197] R13: ffff888173c55aa0 R14: dffffc0000000000 >> R15: ffff888120eb4710 >> [ 36.677134][ T197] FS: 0000000000000000(0000) >> GS:ffff8883af300000(0000) knlGS:0000000000000000 >> [ 36.678328][ T197] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 >> [ 36.679207][ T197] CR2: 000000005663e33c CR3: 000000012021c000 >> CR4: 00000000000406b0 >> [ 36.680251][ T197] Call Trace: >> [ 36.680681][ T197] <TASK> >> [ 36.681079][ T197] ? __warn (kernel/panic.c:735) >> [ 36.681682][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) >> [ 36.682312][ T197] ? report_bug (lib/bug.c:180 lib/bug.c:219) >> [ 36.682920][ T197] ? handle_bug (arch/x86/kernel/traps.c:239) >> [ 36.683494][ T197] ? exc_invalid_op (arch/x86/kernel/traps.c:260 >> (discriminator 1)) >> [ 36.684125][ T197] ? asm_exc_invalid_op >> (arch/x86/include/asm/idtentry.h:621) >> [ 36.684804][ T197] ? unlink_anon_vmas (mm/rmap.c:443 (discriminator 1)) >> [ 36.685501][ T197] ? unlink_anon_vmas (mm/rmap.c:400) >> [ 36.686185][ T197] free_pgtables (mm/memory.c:410) >> [ 36.686819][ T197] ? free_pgd_range (mm/memory.c:367) >> [ 36.687466][ T197] ? preempt_count_add (include/linux/ftrace.h:976 >> kernel/sched/core.c:5634 kernel/sched/core.c:5659) >> [ 36.688179][ T197] exit_mmap (mm/mmap.c:1934) >> [ 36.688758][ T197] ? trace_contention_end >> (include/trace/events/lock.h:122 (discriminator 52)) >> [ 36.689496][ T197] ? do_vma_munmap (mm/mmap.c:1895) >> [ 36.690125][ T197] ? __mutex_lock >> (arch/x86/include/asm/preempt.h:103 kernel/locking/mutex.c:618 >> kernel/locking/mutex.c:752) >> [ 36.690779][ T197] ? __mutex_unlock_slowpath >> (arch/x86/include/asm/atomic64_64.h:101 >> include/linux/atomic/atomic-arch-fallback.h:4329 >> include/linux/atomic/atomic-long.h:1506 >> include/linux/atomic/atomic-instrumented.h:4481 >> kernel/locking/mutex.c:929) >> [ 36.691585][ T197] __mmput (kernel/fork.c:1346) >> [ 36.692143][ T197] exit_mm (kernel/exit.c:572) >> [ 36.692699][ T197] do_exit (arch/x86/include/asm/jump_label.h:27 >> include/linux/jump_label.h:207 include/trace/events/sched.h:333 >> kernel/exit.c:930) >> [ 36.693256][ T197] ? do_raw_spin_lock >> (arch/x86/include/asm/atomic.h:107 >> include/linux/atomic/atomic-arch-fallback.h:2170 >> include/linux/atomic/atomic-instrumented.h:1302 >> include/asm-generic/qspinlock.h:111 kernel/locking/spinlock_debug.c:116) >> [ 36.693947][ T197] ? stack_not_used (kernel/exit.c:878) >> [ 36.694605][ T197] ? _raw_spin_unlock_irq >> (arch/x86/include/asm/irqflags.h:42 >> arch/x86/include/asm/irqflags.h:97 >> include/linux/spinlock_api_smp.h:159 kernel/locking/spinlock.c:202) >> [ 36.695304][ T197] do_group_exit (kernel/exit.c:1069) >> [ 36.695908][ T197] __ia32_sys_exit_group (kernel/exit.c:1097) >> [ 36.696561][ T197] ia32_sys_call (??:?) >> [ 36.697142][ T197] do_int80_emulation (arch/x86/entry/common.c:165 >> arch/x86/entry/common.c:253) >> [ 36.697852][ T197] asm_int80_emulation >> (arch/x86/include/asm/idtentry.h:626) >> [ 36.698504][ T197] RIP: 0023:0xf7f03092 >> [ 36.699039][ T197] Code: Unable to access opcode bytes at 0xf7f03068. >> >> Code starting with the faulting instruction >> =========================================== >> [ 36.699967][ T197] RSP: 002b:00000000ffcfddd8 EFLAGS: 00000296 >> ORIG_RAX: 00000000000000fc >> [ 36.701055][ T197] RAX: ffffffffffffffda RBX: 0000000000000000 >> RCX: 0000000003323d2f >> [ 36.702120][ T197] RDX: 00000000ffcfde00 RSI: 0000000056633734 >> RDI: 00000000f7ef8000 >> [ 36.703147][ T197] RBP: 00000000ffcfdef8 R08: 0000000000000000 >> R09: 0000000000000000 >> [ 36.704165][ T197] R10: 0000000000000000 R11: 0000000000000000 >> R12: 0000000000000000 >> [ 36.705185][ T197] R13: 0000000000000000 R14: 0000000000000000 >> R15: 0000000000000000 >> [ 36.706281][ T197] </TASK> >> [ 36.706698][ T197] irq event stamp: 10051 >> [ 36.707257][ T197] hardirqs last enabled at (10059): console_unlock >> (arch/x86/include/asm/irqflags.h:26 >> arch/x86/include/asm/irqflags.h:87 >> arch/x86/include/asm/irqflags.h:147 kernel/printk/printk.c:341 >> kernel/printk/printk.c:2801 kernel/printk/printk.c:3120) >> [ 36.708455][ T197] hardirqs last disabled at (10066): console_unlock >> (kernel/printk/printk.c:339 kernel/printk/printk.c:2801 >> kernel/printk/printk.c:3120) >> [ 36.709660][ T197] softirqs last enabled at (10006): handle_softirqs >> (arch/x86/include/asm/preempt.h:26 kernel/softirq.c:401 >> kernel/softirq.c:582) >> [ 36.710805][ T197] softirqs last disabled at (9997): irq_exit_rcu >> (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637 >> kernel/softirq.c:649) >> [ 36.711941][ T197] ---[ end trace 0000000000000000 ]--- >> >> >> The kernel config and materials to reproduce are available at: >> https://download.01.org/0day-ci/archive/20240823/202408230938.43f55b4-lkp@intel.com >> >> >> >> >> -- >> 0-DAY CI Kernel Test Service >> https://github.com/intel/lkp-tests/wiki >> >
diff --git a/include/linux/rmap.h b/include/linux/rmap.h index 91b5935e8485..8607d28a3146 --- a/include/linux/rmap.h +++ b/include/linux/rmap.h @@ -257,6 +257,7 @@ void folio_remove_rmap_ptes(struct folio *, struct page *, int nr_pages, folio_remove_rmap_ptes(folio, page, 1, vma) void folio_remove_rmap_pmd(struct folio *, struct page *, struct vm_area_struct *); +void folio_remove_anon_avc(struct folio *, struct vm_area_struct *); void hugetlb_add_anon_rmap(struct folio *, struct vm_area_struct *, unsigned long address, rmap_t flags); diff --git a/mm/memory.c b/mm/memory.c index 93c0c25433d0..4c89cb1cb73e --- a/mm/memory.c +++ b/mm/memory.c @@ -3428,6 +3428,14 @@ static vm_fault_t wp_page_copy(struct vm_fault *vmf) * old page will be flushed before it can be reused. */ folio_remove_rmap_pte(old_folio, vmf->page, vma); + + /* + * If the new_folio's anon_vma is different from the + * old_folio's anon_vma, the avc binding relationship + * between vma and the old_folio's anon_vma is removed, + * avoiding rmap redundant overhead. + */ + folio_remove_anon_avc(old_folio, vma); } /* Free the old page.. */ diff --git a/mm/rmap.c b/mm/rmap.c index 1103a536e474..0b9111c59dc2 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -1522,6 +1522,46 @@ void folio_add_file_rmap_pmd(struct folio *folio, struct page *page, #endif } +void folio_remove_anon_avc(struct folio *folio, + struct vm_area_struct *vma) +{ + struct anon_vma *anon_vma = folio_anon_vma(folio); + pgoff_t pgoff_start, pgoff_end; + struct anon_vma_chain *avc; + + /* + * Ensure that the vma's anon_vma and the folio's + * anon_vma exist and are not the same. + */ + if (!folio_test_anon(folio) || unlikely(!anon_vma) || + anon_vma == vma->anon_vma) + return; + + pgoff_start = folio_pgoff(folio); + pgoff_end = pgoff_start + folio_nr_pages(folio) - 1; + + if (!anon_vma_trylock_write(anon_vma)) + return; + + anon_vma_interval_tree_foreach(avc, &anon_vma->rb_root, + pgoff_start, pgoff_end) { + /* + * Find the avc associated with vma from the folio's + * anon_vma and remove it. + */ + if (avc->vma == vma) { + list_del(&avc->same_vma); + anon_vma_interval_tree_remove(avc, &anon_vma->rb_root); + + if (RB_EMPTY_ROOT(&anon_vma->rb_root.rb_root)) + anon_vma->parent->num_children--; + anon_vma_chain_free(avc); + break; + } + } + anon_vma_unlock_write(anon_vma); +} + static __always_inline void __folio_remove_rmap(struct folio *folio, struct page *page, int nr_pages, struct vm_area_struct *vma, enum rmap_level level)
After do_wp_page, the vma established a new mapping relationship with the new folio, and released the mapping relationship with the old folio. However, the avc binding relationship between the vma and the anon_vma in old folio still exists, and old folio can still traverse the unrelated vma during rmap. This is incorrent and will increase the rmap redundant overhead. This patch will remove the avc binding relationship between vma and anon_vma in old folio, alleviating rmap overhead. Signed-off-by: Zhiguo Jiang <justinjiang@vivo.com> --- include/linux/rmap.h | 1 + mm/memory.c | 8 ++++++++ mm/rmap.c | 40 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 49 insertions(+)