From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A8A2DC433FE for ; Mon, 17 Oct 2022 11:11:44 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 20B1A6B0075; Mon, 17 Oct 2022 07:11:44 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 1BB436B0078; Mon, 17 Oct 2022 07:11:44 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 083FF6B007B; Mon, 17 Oct 2022 07:11:44 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id E84EE6B0075 for ; Mon, 17 Oct 2022 07:11:43 -0400 (EDT) Received: from smtpin16.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id C0ED0803EE for ; Mon, 17 Oct 2022 11:11:43 +0000 (UTC) X-FDA: 80030176086.16.7780A5C Received: from mail-yb1-f175.google.com (mail-yb1-f175.google.com [209.85.219.175]) by imf15.hostedemail.com (Postfix) with ESMTP id 6CF71A002F for ; Mon, 17 Oct 2022 11:11:42 +0000 (UTC) Received: by mail-yb1-f175.google.com with SMTP id b145so12889262yba.0 for ; Mon, 17 Oct 2022 04:11:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=cR7RKyrnpCdX42yUtcjjGzfAur5/uF+2PLfIPET1Tlw=; b=YdHqVTugx78jHxO5u8NvhOYRFr8iJDvqsMG4XFaUTx4MSbl5JC40GjWVqdC9hOQA8s KaIj1LattbsGf+nvKE+0k5M+KDaKDJzt2AnLr5bSERQcuBCnrLMgLf8057/4i/nJZSl+ D2txtDN0THcqnUIDHQmJM/WOnbRLACb/FHn97S7PzrQeHFTOQ5PWqencCiudcarSfaK1 ac7U0Fbmz8FAEOL3XR/ZcrjpTZ0BTHn4nZnaq300rifosvfmGw1YgCCqGad37adQMG0w 3m4cekCOVw0mMkIkUnE8zcdB3IugQ1599oj0Tz6vHaXwFwhFSzkzIF+Hvrv6VokZDZ3G QGpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=cR7RKyrnpCdX42yUtcjjGzfAur5/uF+2PLfIPET1Tlw=; b=J2zxo12G4hbIJxk7VhrUG3ZRxN81k7KsqQO+5NAbHFyHosEHn1Ms3i7WHnCXNn3jc9 HIXjgokkrmnJ+8aaAvXRGhzJpXZpigCugIZuyFEWGk5kt1GFJloROYRraHIo5limlKf6 t1Y3wdXz4iznM0G2SZNHLQilEkhM8MfV3HZEUE2c45Q0vbAbc+XFoi3f7SPwU4HmLzRt QPtIrnVDkSGS/+40FMSWAXP8kK2QbWAXoPav5cLnkC19SWVLmsQfWdvrq3LwUAOXLHrO QQ5dqfUmDBCsd0BueaQIRVc10zRGgnUFFwIVRV7ZCIs5opaNd6UUnObnhpgLXCEz1omN pjUg== X-Gm-Message-State: ACrzQf1hrKE/um+td6r5faM0ePSqkyMIuHnROPOTRl5c6MJDpoV1bxrL gGE/LTwVxLFy8RPDeX/xtUA+JMliBZu9TFfiNaY= X-Google-Smtp-Source: AMsMyM4QnJl8FDbDY9WXmrWaSRdFNE3iWXQ/D7bDXNd06gKLOLWArZ2kSkfa2hTRu6akRhzLSebyE8fKe4SsNrqaQlw= X-Received: by 2002:a25:b95:0:b0:6c2:53a8:3711 with SMTP id 143-20020a250b95000000b006c253a83711mr8622318ybl.27.1666005101496; Mon, 17 Oct 2022 04:11:41 -0700 (PDT) MIME-Version: 1.0 From: Lukas Bulwahn Date: Mon, 17 Oct 2022 13:11:30 +0200 Message-ID: Subject: Observed memory leak in hugetlb_reserve_pages To: Mike Kravetz , Muchun Song , Andrew Morton , Linux-MM , kernel-janitors , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1666005102; a=rsa-sha256; cv=none; b=ZlYJh1R1VRv5q9fNcgEQGAF1TBk6eyVD0eS48I393lrzY8rzVQpJlnHSbKsoW5otHoTmtz Y6UkbxLvJ5j2cUwqfE8/zEl0zjJ+qEWCDwdywWtfjcZYUy3wkiAgPDJMhd9qUViUj+Asds vFjmcGlk/o1yQVUOzZM4+LbF1LL7ppE= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=YdHqVTug; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf15.hostedemail.com: domain of lukas.bulwahn@gmail.com designates 209.85.219.175 as permitted sender) smtp.mailfrom=lukas.bulwahn@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1666005102; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=cR7RKyrnpCdX42yUtcjjGzfAur5/uF+2PLfIPET1Tlw=; b=S7X1EYZcSAGlqntFTiwG2sdQSsWxzoTTc3IWqv5ku7vD+CN8EP2KQ9nhWD78VQE0fA55EC jv474CEx7zRoGmAuF0XjryfwuhKDIps9NZ0l6fOcXh0I9lhJsOtbpoAl7BYXCzvZ6y1VKZ HQyEulN5w8i82cgNUA5TTvT9zAlgz+Y= X-Stat-Signature: yep5j1btd1h6psth4j91a19oa6x5j4so X-Rspamd-Queue-Id: 6CF71A002F X-Rspam-User: Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=YdHqVTug; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf15.hostedemail.com: domain of lukas.bulwahn@gmail.com designates 209.85.219.175 as permitted sender) smtp.mailfrom=lukas.bulwahn@gmail.com X-Rspamd-Server: rspam11 X-HE-Tag: 1666005102-487851 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Dear Mike, The reproducer for the 'memory leak in hugetlb_reserve_pages' bug (see https://elisa-builder-00.iol.unh.edu/syzkaller-next/report?id=3469603f4a0da86b581cc979bd6c6663b46ceb1b) is reproducible, it is triggering the memory leak on the current mainline (commit 60bb8154d1d7), and it was not triggering on v6.0. My build config is a x86_64 defconfig with some syzkaller-recommended debug options. I build the kernel with: make O=$BUILD defconfig && make O=$BUILD kvm_guest.config && \ ./scripts/kconfig/merge_config.sh -O $BUILD -r $BUILD/.config kernel/configs/syzkaller-recommended.config && \ make O=$BUILD -j`nproc` My syzkaller-recommended.config is: CONFIG_KCOV=y CONFIG_KCOV_INSTRUMENT_ALL=y CONFIG_KCOV_ENABLE_COMPARISONS=y CONFIG_DEBUG_FS=y CONFIG_DEBUG_KMEMLEAK=y CONFIG_DEBUG_INFO=y CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_ALL=y CONFIG_CONFIGFS_FS=y CONFIG_SECURITYFS=y # CONFIG_RANDOMIZE_BASE is not set CONFIG_KASAN=y CONFIG_KASAN_INLINE=y CONFIG_FAULT_INJECTION=y CONFIG_FAULT_INJECTION_DEBUG_FS=y CONFIG_FAULT_INJECTION_USERCOPY=y CONFIG_FAILSLAB=y CONFIG_FAIL_PAGE_ALLOC=y CONFIG_FAIL_MAKE_REQUEST=y CONFIG_FAIL_IO_TIMEOUT=y CONFIG_FAIL_FUTEX=y CONFIG_LOCKDEP=y CONFIG_PROVE_LOCKING=y CONFIG_DEBUG_ATOMIC_SLEEP=y CONFIG_PROVE_RCU=y CONFIG_DEBUG_VM=y CONFIG_FORTIFY_SOURCE=y CONFIG_HARDENED_USERCOPY=y CONFIG_LOCKUP_DETECTOR=y CONFIG_SOFTLOCKUP_DETECTOR=y CONFIG_HARDLOCKUP_DETECTOR=y CONFIG_BOOTPARAM_HARDLOCKUP_PANIC=y CONFIG_DETECT_HUNG_TASK=y CONFIG_WQ_WATCHDOG=y CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=140 CONFIG_RCU_CPU_STALL_TIMEOUT=100 My git bisection showed that the first bad commit is [bbff39cc6cbcb86ccfacb2dcafc79912a9f9df69] hugetlb: allocate vma lock for all sharable vmas. Full git bisect report: git bisect start # bad: [60bb8154d1d77042a5d43d335a68fdb202302cbe] Merge tag 'xfs-6.1-for-linus' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux git bisect bad 60bb8154d1d77042a5d43d335a68fdb202302cbe # good: [4fe89d07dcc2804c8b562f6c7896a45643d34b2f] Linux 6.0 git bisect good 4fe89d07dcc2804c8b562f6c7896a45643d34b2f # good: [ff6862c23d2e83d12d1759bf4337d41248fb4dc8] Merge tag 'arm-drivers-6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc git bisect good ff6862c23d2e83d12d1759bf4337d41248fb4dc8 # good: [e8bc52cb8df80c31c73c726ab58ea9746e9ff734] Merge tag 'driver-core-6.1-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core git bisect good e8bc52cb8df80c31c73c726ab58ea9746e9ff734 # good: [4899a36f91a9f9b06878471096bd143e7253006d] Merge tag 'powerpc-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux git bisect good 4899a36f91a9f9b06878471096bd143e7253006d # good: [0e0073eb1b60f4ec6faecea034a6772fe1409a88] Merge tag 'hyperv-next-signed-20221009' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux git bisect good 0e0073eb1b60f4ec6faecea034a6772fe1409a88 # good: [2f3568017268fc34eb0b6b4b3163c0f2e619fde6] kasan: move kasan_get_*_meta to generic.c git bisect good 2f3568017268fc34eb0b6b4b3163c0f2e619fde6 # good: [a57ae9ef9e1a20b68ae841a8cab7aff3f000ed9d] mm/page_alloc: update comments for rmqueue() git bisect good a57ae9ef9e1a20b68ae841a8cab7aff3f000ed9d # bad: [dc914858561c424978307561492fcf3145b8b525] Merge tag 'nfsd-6.1-1' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux git bisect bad dc914858561c424978307561492fcf3145b8b525 # good: [70442fc54e6889a2a77f0e9554e8188a1557f00e] Merge tag 'x86_mm_for_v6.1_rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip git bisect good 70442fc54e6889a2a77f0e9554e8188a1557f00e # good: [c91bdc9358992856721ff77887202a7e80b7ab22] mm: memcontrol: don't allocate cgroup swap arrays when memcg is disabled git bisect good c91bdc9358992856721ff77887202a7e80b7ab22 # good: [7d37539037c2fca70346fbedc219f655253d5cff] fuse: implement ->tmpfile() git bisect good 7d37539037c2fca70346fbedc219f655253d5cff # good: [131a79b474e973f023c5c75e2323a940332103be] hugetlb: fix vma lock handling during split vma and range unmapping git bisect good 131a79b474e973f023c5c75e2323a940332103be # bad: [27bc50fc90647bbf7b734c3fc306a5e61350da53] Merge tag 'mm-stable-2022-10-08' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm git bisect bad 27bc50fc90647bbf7b734c3fc306a5e61350da53 # bad: [bbff39cc6cbcb86ccfacb2dcafc79912a9f9df69] hugetlb: allocate vma lock for all sharable vmas git bisect bad bbff39cc6cbcb86ccfacb2dcafc79912a9f9df69 # good: [ecfbd733878da48ed03a5b8a9c301366a03e3cca] hugetlb: take hugetlb vma_lock when clearing vma_lock->vma pointer git bisect good ecfbd733878da48ed03a5b8a9c301366a03e3cca # first bad commit: [bbff39cc6cbcb86ccfacb2dcafc79912a9f9df69] hugetlb: allocate vma lock for all sharable vmas If there is more information needed, please let me know. Best regards, Lukas