WARNING: CPU: 0 PID: 2777 at arch/powerpc/mm/hugetlbpage.c:354 h,ugetlb_free_pgd_range+0xc8/0x1e4

Christophe LEROY christophe.leroy at c-s.fr
Fri Dec 22 23:03:38 AEDT 2017 


Le 22/12/2017 à 10:32, Christophe LEROY a écrit :
> 
> 
> Le 20/12/2017 à 13:17, Christophe LEROY a écrit :
>> Trying to malloc() with libhugetlbfs, it runs indefinitly doing page 
>> faults in do_page_fault()/hugetlb_fault().
>> When interrupting the blocked app with CTRL+C, I get the following 
>> WARNING:
>>
>> Any idea of what can be wrong ? I'm on a 8xx with 512k huge pages.
> 
> 
> It looks like something goes wrong when the app tries to mmap a 
> hugetlbpage at a given address.
> When it requests the page with a NULL address, it works well.
> 
> Any idea ?

Now I have found the reason:

I have something allocated

10000000-10001000 r-xp 00000000 00:0f 2597       /root/malloc
10010000-10011000 rwxp 00000000 00:0f 2597       /root/malloc

And mmap() accepts the hint, which is in the same PMD which is not a 
huge PMD:

mmap(0x10080000, 524288, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_ANONYMOUS|0x40000, -1, 0) = 0x10080000

Apparently, hugetlb_get_unmapped_area() doesn't care about that.

What should we do to handle it ? Have our own 
hugetlb_get_unmapped_area(), which does all the same, checking this in 
addition ?

Christophe

> 
> Christophe
> 
>>
>> [162980.035629] WARNING: CPU: 0 PID: 2777 at 
>> arch/powerpc/mm/hugetlbpage.c:354 h
>> ugetlb_free_pgd_range+0xc8/0x1e4
>> [162980.035699] CPU: 0 PID: 2777 Comm: malloc Tainted: G W       4.14.6-s
>> 3k-dev-ga8e8e8b176-svn9134 #85
>> [162980.035744] task: c67e2c00 task.stack: c668e000
>> [162980.035783] NIP:  c000fe18 LR: c00e1eec CTR: c00f90c0
>> [162980.035830] REGS: c668fc20 TRAP: 0700   Tainted: G W        (4.14.6-s
>> 3k-dev-ga8e8e8b176-svn9134)
>> [162980.035854] MSR:  00029032 <EE,ME,IR,DR,RI>  CR: 24044224 XER: 
>> 20000000
>> [162980.036003]
>> [162980.036003] GPR00: c00e1eec c668fcd0 c67e2c00 00000010 c6869410 
>> 10080000 000
>> 00000 77fb4000
>> [162980.036003] GPR08: ffff0001 0683c001 00000000 ffffff80 44028228 
>> 10018a34 000
>> 04008 418004fc
>> [162980.036003] GPR16: c668e000 00040100 c668e000 c06c0000 c668fe78 
>> c668e000 c68
>> 35ba0 c668fd48
>> [162980.036003] GPR24: 00000000 73ffffff 74000000 00000001 77fb4000 
>> 100fffff 101
>> 00000 10100000
>> [162980.036743] NIP [c000fe18] hugetlb_free_pgd_range+0xc8/0x1e4
>> [162980.036839] LR [c00e1eec] free_pgtables+0x12c/0x150
>> [162980.036861] Call Trace:
>> [162980.036939] [c668fcd0] [c00f0774] unlink_anon_vmas+0x1c4/0x214 
>> (unreliable)
>> [162980.037040] [c668fd10] [c00e1eec] free_pgtables+0x12c/0x150
>> [162980.037118] [c668fd40] [c00eabac] exit_mmap+0xe8/0x1b4
>> [162980.037210] [c668fda0] [c0019710] mmput.part.9+0x20/0xd8
>> [162980.037301] [c668fdb0] [c001ecb0] do_exit+0x1f0/0x93c
>> [162980.037386] [c668fe00] [c001f478] do_group_exit+0x40/0xcc
>> [162980.037479] [c668fe10] [c002a76c] get_signal+0x47c/0x614
>> [162980.037570] [c668fe70] [c0007840] do_signal+0x54/0x244
>> [162980.037654] [c668ff30] [c0007ae8] do_notify_resume+0x34/0x88
>> [162980.037744] [c668ff40] [c000dae8] do_user_signal+0x74/0xc4
>> [162980.037781] Instruction dump:
>> [162980.037821] 7fdff378 81370000 54a3463a 80890020 7d24182e 7c841a14 
>> 712a0004 4
>> 082ff94
>> [162980.038014] 2f890000 419e0010 712a0ff0 408200e0 <0fe00000> 
>> 54a9000a 7f984840
>>   419d0094
>> [162980.038216] ---[ end trace c0ceeca8e7a5800a ]---
>> [162980.038754] BUG: non-zero nr_ptes on freeing mm: 1
>> [162985.363322] BUG: non-zero nr_ptes on freeing mm: -1
>>
>> Christophe

More information about the Linuxppc-dev mailing list