From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 59165ECAA25
	for <linux-mm@archiver.kernel.org>; Thu, 25 Aug 2022 18:37:48 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id F1BF26B0074; Thu, 25 Aug 2022 14:37:47 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id ECB2D940007; Thu, 25 Aug 2022 14:37:47 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id D92646B007B; Thu, 25 Aug 2022 14:37:47 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11])
	by kanga.kvack.org (Postfix) with ESMTP id CAE856B0074
	for <linux-mm@kvack.org>; Thu, 25 Aug 2022 14:37:47 -0400 (EDT)
Received: from smtpin22.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay08.hostedemail.com (Postfix) with ESMTP id 95C0D1402A3
	for <linux-mm@kvack.org>; Thu, 25 Aug 2022 18:37:47 +0000 (UTC)
X-FDA: 79838973774.22.FB965C6
Received: from mail-vk1-f177.google.com (mail-vk1-f177.google.com [209.85.221.177])
	by imf03.hostedemail.com (Postfix) with ESMTP id 40ED12000A
	for <linux-mm@kvack.org>; Thu, 25 Aug 2022 18:37:47 +0000 (UTC)
Received: by mail-vk1-f177.google.com with SMTP id 134so6944623vkz.11
        for <linux-mm@kvack.org>; Thu, 25 Aug 2022 11:37:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc;
        bh=Je6qhfvrS8vy4XUkFBYFTXAkHRkyGOkwxCA+pgsaohk=;
        b=fkArAKuj929FJxOdlrFE0cO8drbfj1+u5sidsP6JdsQziO3BdVRXFXJ96BxkPrkW/i
         CExtf5apwP6VUm0oED7Ue2LTt50nTzU8eqGylHsbg0A1sBco429OG+phT9F/nOpjG3aT
         VU/H3VI8n97eZJ/cjPpW7hAVMp+9sD3K1i7YayjHpzD1VIRZDgP+MpGR4i4e+kpuW9oS
         vg6PcWMFYNAKo29bQ51jMePVQCYdY3RcuUJy40xeewviSI7uSk+foFFO4fcuTNAoSNGA
         QvjSmgTyHG3oeHbZPROl+ePeUD8zI7TMYKcebwN5LPL30qSPmml8fV67oQiZ6rxFxos7
         W/OA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc;
        bh=Je6qhfvrS8vy4XUkFBYFTXAkHRkyGOkwxCA+pgsaohk=;
        b=n7O35wbwfnVgK4e3kzm0nWGXBl0THJG6NKm24MwMJG83mUXfWgv+7OG7V16db5C3H/
         ZWW/IAvD/KLvF3MB1j1cEbsehlL35UnujJTQDV1bnpuZshDlQLU4rLvwu/mhbH6vcOdR
         Auur1LuVFV2nrSH+n3HPEn8XEf/ijL43XPBfdlLn8FA+MJmlFuBXTJWDKKQ/1naMIwnt
         DKAQDq0qNUzCfbRgUgj/3mCUhGV+lU2uoK63z/DEI7Uvzz78Hdr9lppLOZoUsISIHreU
         E/w1gxEwnbuPH4gbvsBxFb3rCz9dYmRrzppWMGmXw1DREiNoG3M0g50lddCdov0M2YS4
         Po7w==
X-Gm-Message-State: ACgBeo0LkH120mBAab55d8+CDa1NIyY0Hd8G+clKeye1dhvv0yXcAVC1
	7/K/2H4VsRgN1ctU0+m9zNocsQui0AaZE4k+/34NvA==
X-Google-Smtp-Source: AA6agR7CSLWuQSswHyTPt3WSUrmAri1mTDnDWjJvFI6pLqXqYFHX5Ee/OOwfHb2aVNgD0iENIX+AL/9pKbzDeSDYcPg=
X-Received: by 2002:a1f:5fca:0:b0:386:381f:3dc4 with SMTP id
 t193-20020a1f5fca000000b00386381f3dc4mr2133395vkb.11.1661452666316; Thu, 25
 Aug 2022 11:37:46 -0700 (PDT)
MIME-Version: 1.0
References: <485f8c33.2471b.182d5726afb.Coremail.hantianshuo@iie.ac.cn>
 <CAOUHufae70k8h76np6jbkQ93ncoYOPzTZm-fb_PEj4356uX_Pg@mail.gmail.com> <Ywe+LYttKKvpzFFB@casper.infradead.org>
In-Reply-To: <Ywe+LYttKKvpzFFB@casper.infradead.org>
From: Yu Zhao <yuzhao@google.com>
Date: Thu, 25 Aug 2022 12:37:10 -0600
Message-ID: <CAOUHufZc-5-ct+iBignBL8_S3QFDY_qYynqdi5ba-fJsAOxJ-Q@mail.gmail.com>
Subject: Re: (resend)WARNING: trying to isolate tail page in isolate_lru_page
To: Matthew Wilcox <willy@infradead.org>
Cc: Minchan Kim <minchan@kernel.org>, Andrew Morton <akpm@linux-foundation.org>, 
	Linux-MM <linux-mm@kvack.org>, =?UTF-8?B?6Z+p5aSp56GV?= <hantianshuo@iie.ac.cn>, 
	mawupeng <mawupeng1@huawei.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1661452667;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=Je6qhfvrS8vy4XUkFBYFTXAkHRkyGOkwxCA+pgsaohk=;
	b=jLnY0LhEBkTkzWjsld0BzaqRglWB/Pl1SPdcP9e8mP+O9yMM6wlHI9Bg32wYlU7/IqO4IT
	i5lQUpDXql9Ljqck1m5gymaKRQdxpnTsqbTBhK4CFy+DPg598+yg4zuPUHM+lTlLtM3SCR
	L+l5Av2J0GvfoN3foTq/W5AuPAo6DIA=
ARC-Authentication-Results: i=1;
	imf03.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=fkArAKuj;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf03.hostedemail.com: domain of yuzhao@google.com designates 209.85.221.177 as permitted sender) smtp.mailfrom=yuzhao@google.com
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1661452667; a=rsa-sha256;
	cv=none;
	b=llgDWQ8c9Y6ZNV/N//Dsn4ExxZ1irF4QXOqQ1QVAunSubUAf/GsDtGE3vgm4mBViUEooAA
	hKnNFwP5L8c8x88u+dDMyw7ZBI/9F3mZ8/9szSznPiqip6QArQB4MxgYq6JIWM33brCpdH
	O9dfmj0xQIiKzbrB2XkPj9hidSeRDDQ=
Authentication-Results: imf03.hostedemail.com;
	dkim=pass header.d=google.com header.s=20210112 header.b=fkArAKuj;
	dmarc=pass (policy=reject) header.from=google.com;
	spf=pass (imf03.hostedemail.com: domain of yuzhao@google.com designates 209.85.221.177 as permitted sender) smtp.mailfrom=yuzhao@google.com
X-Rspamd-Server: rspam07
X-Rspamd-Queue-Id: 40ED12000A
X-Stat-Signature: 7yzsu9pssqyqct8fu1kmaznpxxqyje7h
X-Rspam-User: 
X-HE-Tag: 1661452667-810319
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu, Aug 25, 2022 at 12:23 PM Matthew Wilcox <willy@infradead.org> wrote=
:
>
> On Thu, Aug 25, 2022 at 10:50:19AM -0600, Yu Zhao wrote:
> > On Thu, Aug 25, 2022 at 8:40 AM =E9=9F=A9=E5=A4=A9=E7=A1=95 <hantianshu=
o@iie.ac.cn> wrote:
> > >
> > > Hello:
> > >
> > >     My Syzkaller reported me the following issue on:
> > >
> > >
> > > HEAD commit: 072e51356cd5a4a1c12c1020bc054c99b98333df Merge tag 'nfs-=
for-5.20-2' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
> > >
> > > git tree: upstream
> > >
> > > kernel config: defconfig
> > >
> > > compiler: gcc (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0
> > >
> > >
> > > ------------[ cut here ]------------
> > > trying to isolate tail page
> > > WARNING: CPU: 0 PID: 6175 at mm/folio-compat.c:158 isolate_lru_page+0=
x130/0x140
> > > Modules linked in:
> > > CPU: 0 PID: 6175 Comm: syz-executor.0 Not tainted 5.18.12 #1
> > > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1u=
buntu1.1 04/01/2014
> > > RIP: 0010:isolate_lru_page+0x130/0x140
> > > Code: c3 89 c6 e8 22 4f f2 ff 85 db 75 0d e8 a9 4d f2 ff 44 89 e0 5b =
5d 41 5c c3 e8 9c 4d f2 ff 48 c7 c7 a0 be 6a 93 e8 a9 f5 69 01 <0f> 0b eb d=
e 66 66 2e 0f 1f 84 00 00 00 00 00 90 41 54 55 48 89 fd
> > > loop3: detected capacity change from 0 to 16383
> > > RSP: 0018:ffff88800844f8b8 EFLAGS: 00010282
> > > RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
> > > RDX: ffffc90000509000 RSI: ffff8880037997c0 RDI: ffffed1001089f09
> > > RBP: ffffea000010b040 R08: ffffffff8117b3f8 R09: 0000000000000000
> > > R10: 0000000000000005 R11: ffffed100d2c4ead R12: 00000000fffffff0
> > > R13: ffff88800185aff0 R14: ffffea000010b048 R15: 0000000021000000
> > > FS:  00007f8acbd46700(0000) GS:ffff888069600000(0000) knlGS:000000000=
0000000
> > > CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > CR2: 0000001b2c821000 CR3: 0000000005028005 CR4: 0000000000770ef0
> > > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> > > nfs4: Unknown parameter 'vfat'
> > > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> > > PKRU: 55555554
> > > Call Trace:
> > >  <TASK>
> > >  madvise_cold_or_pageout_pte_range+0x43b/0x8f0
> > >  __walk_page_range+0xa48/0x1310
> > >  walk_page_range+0x14b/0x280
> > >  madvise_pageout+0x184/0x260
> > >  madvise_vma_behavior+0x843/0x13f0
> > >  do_madvise+0x310/0x5b0
> > >  __x64_sys_madvise+0x5f/0x70
> > >  do_syscall_64+0x38/0x90
> > >  entry_SYSCALL_64_after_hwframe+0x44/0xae
> > > RIP: 0033:0x7f8acc5d38bd
> > > Code: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 =
89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f=
0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
> > > RSP: 002b:00007f8acbd45bf8 EFLAGS: 00000246 ORIG_RAX: 000000000000001=
c
> > > RAX: ffffffffffffffda RBX: 00007f8acc6f2f60 RCX: 00007f8acc5d38bd
> > > RDX: 0000000000000015 RSI: 0000000000004000 RDI: 0000000020ffc000
> > > RBP: 00007f8acc6400a9 R08: 0000000000000000 R09: 0000000000000000
> > > R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
> > > R13: 00007ffec656fb0f R14: 00007ffec656fcb0 R15: 00007f8acbd45d80
> > >  </TASK>
> >
> > The above is from 5.18. Another report from 5.10:
> > https://lore.kernel.org/r/d927a335-a70b-48d3-9645-1d33cc88bd9c@huawei.c=
om/
> >
> > We also hit it on 5.4, 5.10 and 5.15:
> >   trying to isolate tail page
> >   WARNING: CPU: 1 PID: 4608 at mm/vmscan.c:2096
> > isolate_lru_page+0xb4/0x527 mm/vmscan.c:2096
> >   Modules linked in:
>
> Looks like my analysis from yesterday was dropped:

I thought I missed your analysis but apparently it's not on linux-mm
or linux-kernel. Mail server malfunction?

> : This all seems quite plausible.  The reproducer seems to (correct me
> : if I'm wrong) create an AF_PACKET socket and mmap it.  af_packet.c
> : seems to create compound pages and mmap them.  This isn't folio-related
> : at all; I just moved the code that warns about it from mm/vmscan.c to
> : folio-compat.c.

Our syzkaller didn't find a reproducer, but the triggers are all
network related syscalls.

> : Looks like a long-standing bug in MADV_PAGEOUT to me.

Agreed.