From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id F05A7C433EF for ; Thu, 24 Mar 2022 03:59:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2BCE86B0072; Wed, 23 Mar 2022 23:59:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 26B086B0073; Wed, 23 Mar 2022 23:59:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0E6826B0074; Wed, 23 Mar 2022 23:59:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from forelay.hostedemail.com (smtprelay0115.hostedemail.com [216.40.44.115]) by kanga.kvack.org (Postfix) with ESMTP id F2D946B0072 for ; Wed, 23 Mar 2022 23:59:17 -0400 (EDT) Received: from smtpin22.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251]) by forelay02.hostedemail.com (Postfix) with ESMTP id A0C86A5BC6 for ; Thu, 24 Mar 2022 03:59:17 +0000 (UTC) X-FDA: 79277924754.22.32568FF Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2062.outbound.protection.outlook.com [40.107.93.62]) by imf23.hostedemail.com (Postfix) with ESMTP id CFF0B14002C for ; Thu, 24 Mar 2022 03:59:15 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=P9ZkVd5mcFRsOPMCK+tM7964uNEaRUJdAv6PLzbaFtubMyCWXH7ykKodoxj63u5/8W2oJolFSGED6WyBWqUueUuEzTFGWjROUfJ9dGAmxIorA1FYC5ZnQ92SkIL2bJdX+E56USrJVwuhAefuvkFKxTbwNiSQvGVL87wskwcWOgtOio7C4QPr+bFPbPA2nAvxkC5hh53t4aaWu3XeQOFCjrMQ0kMfuJ6UPf3Da0xq9FxiPSj7dvgBBpDM4KgyuIAMEPtbtG8KL3kXUEeBEziCHEMDdSqVif57z70qaAecwBcLuQRM2ZUvyoU/CpT8k3NT/gBud+JwG6jPVROSvhFsCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BiS9AKmKwIDjluHxg5QBmqSTs69OisGq7ukZPD7GT+w=; b=Z0QZSqGmm+QNzyOBD4m+VudHgq1NmZyidVuAfXy60/xUcOym/jRvpCRIWdjFpP1m2W4IFbYC98xjL/CDpW2oVijIk0gRaunocAJHHTbE6+21cnXriXrUFW+nFhasV/nsSCshyyFbOvTEpp3u8SG8+6yy2xfUVBCwleHmPBChxxrRMneBVhaEVPIYSzZ+ubMuzVZuiH1RoY8hVw5eqFQ6mcg8TofF+Z6sgkLhFk3IdkIx292ndBUR2y0yA2azheP8bdpueKv2oO1UfY1/DcYvjVS0tyqG81I5CbCYul3ZUOk9xa9UdB1PXLfac76WyOYOoPXpSXvLSVYHjGYZ3iabVw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BiS9AKmKwIDjluHxg5QBmqSTs69OisGq7ukZPD7GT+w=; b=AtjM7Q0b47rVqISaxUg+oHy/zYxTMAsoZQ3eLglby5VxoVzUa7//QPGcpojuRtXh/MWv5WEfYSyw+028qyKrS9cWy7eL6gtwz+wbtaQfO8raaXr69RqJBoP97AERUPYXZqchF0Al1XXyjbywb71UxemQv7HkZCnx7INMKt/GC0jqch8kW/XpIJz/MnP5/at0cADoOpcNj8f4lHeJySz8T9Ub0B0vElghxGujr68kOX50ijOQNjHPUwN0k5CKBgmW8vGq4A9Vm6utxKntPFXEJmdNSR80Fh3jlDodnE/CsE0cR6ithtbjiO6jdErtVbSGN/Rv3ClrhPIEU87NCJxCeQ== Received: from BYAPR12MB3176.namprd12.prod.outlook.com (2603:10b6:a03:134::26) by DM6PR12MB2841.namprd12.prod.outlook.com (2603:10b6:5:49::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5102.16; Thu, 24 Mar 2022 03:59:13 +0000 Received: from BYAPR12MB3176.namprd12.prod.outlook.com ([fe80::152f:613b:7041:68d6]) by BYAPR12MB3176.namprd12.prod.outlook.com ([fe80::152f:613b:7041:68d6%7]) with mapi id 15.20.5102.018; Thu, 24 Mar 2022 03:59:13 +0000 From: Alistair Popple To: Matthew Wilcox Cc: Sebastian Andrzej Siewior , linux-mm@kvack.org, Andrew Morton , Thomas Gleixner Subject: Re: BUG_ON() in pfn_swap_entry_to_page() Date: Thu, 24 Mar 2022 14:51:25 +1100 References: <871qyt4g4a.fsf@nvdebian.thelocal> User-agent: mu4e 1.6.9; emacs 27.1 In-reply-to: Message-ID: <87fsn8hugi.fsf@nvdebian.thelocal> Content-Type: multipart/mixed; boundary="=-=-=" X-ClientProxiedBy: SJ0PR03CA0339.namprd03.prod.outlook.com (2603:10b6:a03:39c::14) To BYAPR12MB3176.namprd12.prod.outlook.com (2603:10b6:a03:134::26) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: ecc03131-2f47-415d-2fd0-08da0d4aa8b5 X-MS-TrafficTypeDiagnostic: DM6PR12MB2841:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: bESHeCSNupy8UUFxvxwY1CX0/62cSp3z/srbpy2kpB/S5eq64KCaGdtewRZPthi3kUOkMDMWTLbFgTbIY0FfpQ6SM8R4U+Wo+L+g3mq3nUPgbYzVXRPGjJI2STc9zcNxrqZGmwsq73gU5Z+q7kbViqkORxfiJUGfDLZsNIIl/JherEwPArX8TY8KRjbQC69+ti6KpiLUNuZCQGlV2IHO4jBlmzxH+k506u0+EARJkhIwDtGro+oz9uxAwzsgvPiIyvzyjtjmu9Bj1fgSTdsw/ycE72qu5V88E1n3mENUFR4smuoVk67XNoiEGPhFRWdy7Bf3QC1ARA2NbPapnkpYVM6B17qf4lsB1ySN9T9hmYBzOH7dt9yHwwoIAx0YVB93R3V7FAOXXexY3DBmFeHKpMkUuWEHVmS6f1FM3xI2eF+oGxewQvpezao9jKcdBxSocTCbUMT0Tg2ZcZ4avyG238AMcW3j2VQS21My2XI+h/uq4RLLE24CmeA0xzPCvwkhdPbbtbENXXeYglz01I0FKekh7HGxqE4+1eR6s8uc7U04S9vmc6vfG7Mo+SuFQG024qrLlYVuWCbOa8ux1PgNFAKZrcR/zQ4+3dtWpNF8TTuXGFrLuzwODMbv3YZ50BTpps50Hgd4wWycwjYyWukSJA== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BYAPR12MB3176.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(6512007)(6486002)(9686003)(8936002)(6666004)(316002)(54906003)(6916009)(508600001)(5660300002)(6506007)(8676002)(44144004)(4326008)(66946007)(38100700002)(66476007)(66556008)(86362001)(186003)(83380400001)(2906002)(26005);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?G7wClKb7/aWcd7KcBUQ4NyCw4rGHK88mJ2+XV2z4T8CANXzr5SmvqnQfFR6M?= =?us-ascii?Q?70dnYJyk2BnIewCq+Umv8QTpY5T1OiJ7J4KADQqEQQo1SaB+Ww7pnP9zZGPq?= =?us-ascii?Q?nf1kTUxCJHrmdbhYgDgSN3M8nvubSwLu7rkswMbDGL50MQkJ2BzTq3WAPRMw?= =?us-ascii?Q?KRPXzBsJFjSdxBFK9Mt3WEC9rMPS0zT9nSHWnofo7aGQ1EgZluZY+LHiluKN?= =?us-ascii?Q?TrxSFBRptJ7rbCNI3YnJ1w9bBs7KANCZkAIuX3UDkswr7LvpBgQz2tt3gMIl?= =?us-ascii?Q?1pie+pcvAVK2u/yDZz+P5Yvd7xjomx46+16xJ0bNPLv4htI468j0JUogDtwl?= =?us-ascii?Q?9KUUAWv1Of5kJGAxkhsFJHFFrb4SLzgc/r4+O3ns/pAKBlncHNVouHle+ga8?= =?us-ascii?Q?ZgvhKgDIwswi2ercBlAv2C4CWVhd2M13+XX59I+6dtbvWF3O8Zj5rAYKVrHO?= =?us-ascii?Q?KkK3uL2Gf3YUjIqCBVKAzJqxSbEuUk7q3R7oQNSpaQC4bAbIPoJ1cnSwrWup?= =?us-ascii?Q?/4+FcNL4R7mscwyb1JoJk5o9jZqdwKY5TUtlcvPw4P34wBi8z46s4IQwfKQ4?= =?us-ascii?Q?SX4tj0K2XIyn5dCGvKNi3JUKoml/fFET6v46n2xQpBZoVgU/gK8BP3uPyZTF?= =?us-ascii?Q?o4N3m2VVNzxv3mrs50ZiB1Lby7xS+MmBKEpleQnDmFCTaLISq1v95W+QT27w?= =?us-ascii?Q?zB+EuuFN3aapJJqIC3k9j2fhwMhzLEcYJqRDt7tv8/H/DQ3T5N16WiA6/hwQ?= =?us-ascii?Q?SfxZ4pO9CBllyWhorYwHAjzSsoJgLF4pEt/ARNvp+8KQfkmUaVNWPMi4ZZVI?= =?us-ascii?Q?Fs7qEQ1Ivr/IdCckfVDLHBMIH9bM8tR8WnnFwohVlfwL/cC67aqViStKrx/s?= =?us-ascii?Q?zQ9+JNBoF9e5d8oRg3oiLE06vcGpoo9liqSjJfmhQfp75G+4R1cTIswt9Ljx?= =?us-ascii?Q?8qOnLZFRNTRBXLj7hrduGjz3h6+L5T+urZ3VdCqysDLrO9u25zm1peS0nCAB?= =?us-ascii?Q?0qH4U+C4e1EOkwhsVfY+imJCJk/y7aEp6i5wx2S2HfFtppQ4fntKUJcwqcut?= =?us-ascii?Q?01u+zyis0pWHvGl9LgEG5C1SJ4KDvJI83ulApOAmZi0ijPKDCL9Bo4/iJh5n?= =?us-ascii?Q?asYFl7Nlsn2vSe4FNUhlki3B+HWIIW3TAlWRr3DDZXJEqeEK2mpbbs3jZm9V?= =?us-ascii?Q?r0SrQC9vEC1Fe48o+RR6kGUtIV6O34oOir9Z7Pzz8jn4LXAmFOQveZAuNtRr?= =?us-ascii?Q?0YWr3zsjTvO+RcGwfuA9l8NAFr90V1mKmw2RWr38peHGMTjA4z0gkKepTR+p?= =?us-ascii?Q?ZZXAXhDS8BzqceBv81uWxITyXKxrmuEnuHhs613cEAPuYyDDawOJpFp4cVwP?= =?us-ascii?Q?Ot6hWpW8+Y5+jtHjD2/LUw72Dzav4Hy24NA4pUc0i+9wO0iA4h6weCXviQ/+?= =?us-ascii?Q?WicXd2ESTUWos+HR4yKUt2wq/3zA2v6F?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: ecc03131-2f47-415d-2fd0-08da0d4aa8b5 X-MS-Exchange-CrossTenant-AuthSource: BYAPR12MB3176.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 24 Mar 2022 03:59:13.7408 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: g0Efq3tDBKoXwY/3yzvYsags2Xwt9GpqDoti3Wi+W3SeWBkokGgIhHBN7l5EFj+VBTt9jTbNMITi8LdMnO4DCg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR12MB2841 X-Stat-Signature: 9otb19qqy8wfifai84gxagd53iqq3ima Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=AtjM7Q0b; spf=none (imf23.hostedemail.com: domain of apopple@nvidia.com has no SPF policy when checking 40.107.93.62) smtp.mailfrom=apopple@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com X-Rspam-User: X-Rspamd-Server: rspam02 X-Rspamd-Queue-Id: CFF0B14002C X-HE-Tag: 1648094355-516491 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: --=-=-= Content-Type: text/plain Content-Disposition: inline Matthew Wilcox writes: > On Wed, Mar 23, 2022 at 11:29:12AM +1100, Alistair Popple wrote: >> Matthew Wilcox writes: >> > It's not been reported before, but it seems obvious why it triggers. >> > I think it's ffa65753c431 "mm/migrate.c: rework migration_entry_wait() >> > to not take a pageref". >> >> It's obvious the BUG_ON() is because the page isn't locked, but it's less >> obvious to me at least why we have a migration entry pointing to an unlocked >> page. >> >> > There's a lot of inlining going on, so let's write this out: >> > >> > __handle_mm_fault >> > handle_pte_fault >> > do_swap_page(): >> > >> > entry = pte_to_swp_entry(vmf->orig_pte); >> > if (unlikely(non_swap_entry(entry))) { >> > if (is_migration_entry(entry)) { >> > migration_entry_wait(vma->vm_mm, vmf->pmd, >> > vmf->address); >> > >> > We don't (and can't) have the underlying page locked here. We're just >> > waiting for it to finish migration. >> >> Why can't the page be locked here? Waiting for migration to finish is equivalent >> to waiting for the page to be unlocked. __unmap_and_move() follows this rough >> sequence: >> >> __unmap_and_move() >> if (!trylock_page(page)) { >> if (!force || mode `= MIGRATE_ASYNC) >> goto out; >> >> /* >> * It's not safe for direct compaction to call lock_page. >> * For example, during page readahead pages are added locked >> * to the LRU. Later, when the IO completes the pages are >> * marked uptodate and unlocked. However, the queueing >> * could be merging multiple pages for one bio (e.g. >> * mpage_readahead). If an allocation happens for the >> * second or third page, the process can end up locking >> * the same page twice and deadlocking. Rather than >> * trying to be clever about what pages can be locked, >> * avoid the use of lock_page for direct compaction >> * altogether. >> */ >> if (current->flags & PF_MEMALLOC) >> goto out; >> >> lock_page(page); >> } >> >> [...] >> >> if (unlikely(!trylock_page(newpage))) >> goto out_unlock; >> >> [...] >> >> } else if (page_mapped(page)) { >> /* Establish migration ptes */ >> VM_BUG_ON_PAGE(PageAnon(page) && !PageKsm(page) && !anon_vma, >> page); >> try_to_migrate(page, 0); >> page_was_mapped = true; >> } >> >> if (!page_mapped(page)) >> rc = move_to_new_page(newpage, page, mode); >> >> if (page_was_mapped) >> remove_migration_ptes(page, >> rc =' MIGRATEPAGE_SUCCESS ? newpage : page, false); >> >> Both the source and destination pages (page and newpage respectively) are locked >> prior to installing migration entries in try_to_migrate() and unlocked after >> migration entries are removed. In order to remove a migration entry the PTL is >> required. Therefore while holding the PTL for a migration entry it should be >> impossible to observe it pointing to an unlocked page. > > Hm, right. We check the PTE initially, then take the PTL in > __migration_entry_wait() and then re-check that it's still a migration > entry. I can't think of how we're seeing this ... Right. The only thing I can think of is if we somehow didn't find all the migration entries to remove once migration is complete. There have been a few changes to page_vma_mapped_walk() but I haven't spotted anything yet that would cause this. --=-=-=--