Re: mm: another VM_BUG_ON_PAGE(PageTail(page))

"Kirill A. Shutemov" <kirill@xxxxxxxxxxxxx> · Thu, 28 Jan 2016 13:40:42 +0200

On Thu, Jan 28, 2016 at 11:55:14AM +0100, Dmitry Vyukov wrote:
> On Thu, Jan 28, 2016 at 11:51 AM, Kirill A. Shutemov
> <kirill@xxxxxxxxxxxxx> wrote:
> > On Thu, Jan 28, 2016 at 11:27:11AM +0100, Dmitry Vyukov wrote:
> >> Hello,
> >>
> >> The following program triggers VM_BUG_ON_PAGE(PageTail(page)):
> >>
> >> // autogenerated by syzkaller (http://github.com/google/syzkaller)
> >> #include <fcntl.h>
> >> #include <numaif.h>
> >> #include <sys/mman.h>
> >> #include <unistd.h>
> >>
> >> int main()
> >> {
> >>   int fd;
> >>
> >>   mmap((void*)0x20000000, 4096, PROT_READ|PROT_WRITE,
> >> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0);
> >>   fd = open("/dev/sg1", O_RDONLY|O_SYNC|0x100000);
> >>   mmap((void*)0x20001000, 0x4000, PROT_READ|PROT_WRITE,
> >> MAP_PRIVATE|MAP_FIXED, fd, 0);
> >>   mbind((void*)0x20000000, 0x4000, 0x8002, (void*)0x20002ff8, 3660,
> >> MPOL_MF_STRICT|MPOL_MF_MOVE);
> >>   return 0;
> >> }
> >
> > I don't have sg1 in my VM. I changed it to sg0 and it doesn't trigger an
> > issue: mbind() returns -EINVAL as it supposed to. Hm..
> 
> I've attached my config, and here is how I start qemu:
> 
> qemu-system-x86_64 -hda wheezy.img -net
> user,host=10.0.2.10,hostfwd=tcp::10022-:22 -net nic -nographic -kernel
> arch/x86/boot/bzImage -append "console=ttyS0 root=/dev/sda debug
> earlyprintk=serial slub_debug=UZ" -enable-kvm -pidfile vm_pid -m 2G
> -numa node,nodeid=0,cpus=0-1 -numa node,nodeid=1,cpus=2-3 -smp
> sockets=2,cores=2,threads=1 -usb -usbdevice mouse -usbdevice tablet
> -soundhw all

Still no luck. :-/

Could you try patch below. I want to see what vm_flags are.

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 27d135408a22..93edf181f88a 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -548,8 +548,10 @@ retry:
 			goto retry;
 		}
 
-		if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL))
+		if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) {
+			VM_BUG_ON_VMA(PageTail(page), vma);
 			migrate_page_add(page, qp->pagelist, flags);
+		}
 	}
 	pte_unmap_unlock(pte - 1, ptl);
 	cond_resched();
-- 
 Kirill A. Shutemov
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html






