Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp2684938pxa;
        Mon, 17 Aug 2020 16:36:09 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJxsaxZydZYCzX0oXME1aei8mJhWcnUQF38wXZRn6gkr8Ym4rU8EaU+23ddjrjtLcExbqKzp
X-Received: by 2002:a17:906:5ad8:: with SMTP id x24mr16695627ejs.329.1597707368960;
        Mon, 17 Aug 2020 16:36:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1597707368; cv=none;
        d=google.com; s=arc-20160816;
        b=xpkBzPMSb9rhsymgDdzQy0Stzyb/FIqbpQFx+ydSlyfHApeADyCXl0PGnJDoBm9a11
         KPFdU0J6rRAJyElQkgtpbAouBO97k072gY2Zf2oK9qhIDvEYKF7Fllkbexlr5I4G8FPh
         KpvRQR2mBI3KO9aaonHnAWGTBSnMNlqoaWdI6P47nZCO0U7ZqplldTCJCqbLJe0rnR6X
         /g5GB356tNsuvH0yL8nGF64QfYpySkjuPjBlpxYuMbcESlPA3z5eExXX2VJT7Ri55q+f
         XrGz5AYfTchJniGOfM0cFKk7p23S980ywiaR0SEmTLqRLaLcF1tffRgbLcw+gP01wlhZ
         NBtA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=WDaNvWkqzm6caaEe1B0qA/ONFIO+S2PQpkxNU8y5rjQ=;
        b=WOES9O1c+8V90NIJGWsBVaeYdEeC1O4wI13fUVFWVkxLwkt/5oZuo69G87yeMnsVNx
         l+wNfK52KiNZqxjaqiufMclKKouzqfAsK/G8218QiOFPdQhILq8QxkMpiaYLNBOgoq0n
         lPXpufBUgTdTfpfcocSksuAd5ETTalkMop6noeukh8zqzo+vZnjYqGWRaUk7jpW9Wpsy
         +3/RWTybIGAPA958WjobGpkohTRJrCoKf7Oipr8UW0HEAVAILcg5xk2gcLNaue9PvSKY
         xoKV1YxFb5BdJlCtqWnBphmmW3n4waOQUTiiRgANsB9rPP/CPC+AiQ2h03q4nCTUXagL
         XURA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=pkTdLRrX;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id fx18si12148183ejb.235.2020.08.17.16.35.45;
        Mon, 17 Aug 2020 16:36:08 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=pkTdLRrX;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726920AbgHQUur (ORCPT <rfc822;parkch98@gmail.com> + 99 others);
        Mon, 17 Aug 2020 16:50:47 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55824 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726165AbgHQUum (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 17 Aug 2020 16:50:42 -0400
Received: from mail-ej1-x642.google.com (mail-ej1-x642.google.com [IPv6:2a00:1450:4864:20::642])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BB8CDC061389
        for <linux-kernel@vger.kernel.org>; Mon, 17 Aug 2020 13:50:41 -0700 (PDT)
Received: by mail-ej1-x642.google.com with SMTP id bo3so19418023ejb.11
        for <linux-kernel@vger.kernel.org>; Mon, 17 Aug 2020 13:50:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=WDaNvWkqzm6caaEe1B0qA/ONFIO+S2PQpkxNU8y5rjQ=;
        b=pkTdLRrXB+5YlBJUBPXrnBVMqqkA6coVYHzqF7833j3SefWK1EvleeXK55563+dCQa
         1ZNBfEYKZDIQ0/tRMrexHUxizXDoSz6CuNx6552lrC8hAdM89Eh4ZCjrvATuDaPjmXff
         lqr9FkMeb8lz+8k4CsB9w9h64/sxCMXvAI6Dwl6qNSOSCe37JMM3H0hYrGoiEkzLaPeX
         Rj7PAMabnr5uhtWhoIyCFOEvW/QZ0XmYeUmbHfwqVTDVRSl+xlRbszeV+PKV2ABz0xqV
         3DwYzc+lhdRU+yUof/Ir9MmtQlK2k5YbqiyOsvaDuYfedLucyVe+WMImhIrTvb0pHvEX
         UuvA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=WDaNvWkqzm6caaEe1B0qA/ONFIO+S2PQpkxNU8y5rjQ=;
        b=birCjS7vHpXCZvU5xwYnBHftYwiktO9cSWtBroGKmkMymQmu0Dtwsbyr7Bz+EBul6Z
         EClpd2mGhe5Q3Ldlpusoxjo80aQXekCEHjAPZk92r0CVXVUeRmvVhzZ+ZR4MJ9RAB5SF
         Hr3homYQZvqi4TXmPC3U3+7jr9saU8gKN5QTmo0tGZf7829tzbMxEpk6IJg/7Zq4x99C
         dQYdrnj93GXqgzEwa6p8OBStUhs5XEALOT7lrWOwibeIHRRTOmYHMxvcgrOCPz0CmKbG
         2mPbzsP1+Iz9k4ZcJnE7MPI6sDhonbnRB3VGs8tdpJMPhrDe64dE8VcQLKDaz+d4xLpN
         uceQ==
X-Gm-Message-State: AOAM532VVV95oQcEVd9rvOHEFSHFk9L0zF9jt5LbbvGYFKRkKhXDJkT3
        oeOtYKd0vSNUZqVCW0xpi2HpF4BggZarthbl2PU=
X-Received: by 2002:a17:906:3616:: with SMTP id q22mr17771581ejb.79.1597697440475;
 Mon, 17 Aug 2020 13:50:40 -0700 (PDT)
MIME-Version: 1.0
References: <alpine.LSU.2.11.2008021204390.27773@eggly.anvils>
 <alpine.LSU.2.11.2008021217020.27773@eggly.anvils> <alpine.LSU.2.11.2008141503370.18085@eggly.anvils>
In-Reply-To: <alpine.LSU.2.11.2008141503370.18085@eggly.anvils>
From:   Yang Shi <shy828301@gmail.com>
Date:   Mon, 17 Aug 2020 13:50:28 -0700
Message-ID: <CAHbLzkpYWxGiXqyaF167dj_qFo1apchryGHv_RG4UKQgY5-jOQ@mail.gmail.com>
Subject: Re: [PATCH] khugepaged: adjust VM_BUG_ON_MM() in __khugepaged_enter()
To:     Hugh Dickins <hughd@google.com>
Cc:     Andrew Morton <akpm@linux-foundation.org>,
        "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
        Andrea Arcangeli <aarcange@redhat.com>,
        Song Liu <songliubraving@fb.com>,
        Mike Kravetz <mike.kravetz@oracle.com>,
        Eric Dumazet <edumazet@google.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Linux MM <linux-mm@kvack.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Aug 14, 2020 at 3:13 PM Hugh Dickins <hughd@google.com> wrote:
>
> syzbot crashes on the VM_BUG_ON_MM(khugepaged_test_exit(mm), mm) in
> __khugepaged_enter(): yes, when one thread is about to dump core, has set
> core_state, and is waiting for others, another might do something calling
> __khugepaged_enter(), which now crashes because I lumped the core_state
> test (known as "mmget_still_valid") into khugepaged_test_exit().  I still
> think it's best to lump them together, so just in this exceptional case,
> check mm->mm_users directly instead of khugepaged_test_exit().
>
> Reported-by: syzbot <syzkaller@googlegroups.com>
> Fixes: bbe98f9cadff ("khugepaged: khugepaged_test_exit() check mmget_still_valid()")
> Signed-off-by: Hugh Dickins <hughd@google.com>
> Cc: stable@vger.kernel.org # v4.8+

Acked-by: Yang Shi <shy828301@gmail.com>

> ---
>
>  mm/khugepaged.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- v5.9-rc/mm/khugepaged.c     2020-08-12 19:46:50.867196579 -0700
> +++ linux/mm/khugepaged.c       2020-08-14 14:24:32.739457309 -0700
> @@ -466,7 +466,7 @@ int __khugepaged_enter(struct mm_struct
>                 return -ENOMEM;
>
>         /* __khugepaged_exit() must not run from under us */
> -       VM_BUG_ON_MM(khugepaged_test_exit(mm), mm);
> +       VM_BUG_ON_MM(atomic_read(&mm->mm_users) == 0, mm);
>         if (unlikely(test_and_set_bit(MMF_VM_HUGEPAGE, &mm->flags))) {
>                 free_mm_slot(mm_slot);
>                 return 0;
>