[v2,01/29] lustre: llite: ll_fault fixes

Message ID	1558356671-29599-2-git-send-email-jsimmons@infradead.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <lustre-devel-bounces@lists.lustre.org> From: James Simmons <jsimmons@infradead.org> To: Andreas Dilger <adilger@whamcloud.com>, Oleg Drokin <green@whamcloud.com>, NeilBrown <neilb@suse.com> Date: Mon, 20 May 2019 08:50:43 -0400 Message-Id: <1558356671-29599-2-git-send-email-jsimmons@infradead.org> In-Reply-To: <1558356671-29599-1-git-send-email-jsimmons@infradead.org> References: <1558356671-29599-1-git-send-email-jsimmons@infradead.org> Subject: [lustre-devel] [PATCH v2 01/29] lustre: llite: ll_fault fixes Precedence: list Cc: Lustre Development List <lustre-devel@lists.lustre.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: lustre-devel-bounces@lists.lustre.org Sender: "lustre-devel" <lustre-devel-bounces@lists.lustre.org>
Series	More lustre patches \| expand [v2,00/29] More lustre patches [v2,01/29] lustre: llite: ll_fault fixes [v2,02/29] lustre: llite: fix error in vvp_pgcache seqfile. [v2,03/29] lustre: llite: replace lli_trunc_sem [v2,04/29] lustre: lov: use GFP_NOFS to allocate lo_entries. [v2,05/29] lustre: llite: don't use class_setup_tunables() [v2,06/29] lustre: embed typ_kobj in obd_type [v2,07/29] lustre: obd: collect all resource releasing for obj_type. [v2,08/29] lustre: obd_type: use typ_kobj.name as typ_name [v2,09/29] lustre: obd_type: discard obd_types linked list. [v2,10/29] lustre: obd_type: discard obd_type_lock [v2,11/29] lustre: obdclass: don't copy ops structures in to new type. [v2,12/29] lustre: obdclass: fix module load locking. [v2,13/29] lustre: convert rsi_sem to a spinlock. [v2,14/29] lustre: ldlm: discard varname in ldlm_pool. [v2,15/29] lustre: lprocfs: use log2.h macros instead of shift loop. [v2,16/29] lustre: handles: discard h_owner in favour of h_ops [v2,17/29] lustre: handle: move refcount into the lustre_handle. [v2,18/29] lustre: discard OBD_FREE_RCU [v2,19/29] lustre: portals_handle: rename ops to owner [v2,20/29] lustre: portals_handle: remove locking from class_handle2object() [v2,21/29] lustre: portals_handle: use hlist for hash lists. [v2,22/29] lustre: portals_handle: discard h_lock. [v2,23/29] lustre: remove unused fields from struct obd_device [v2,24/29] lustre: obd_sysfs: error-check value stored in jobid_var [v2,25/29] lustre: obdclass: discard process_quota_config [v2,26/29] lustre: obdclass: remove unnecessary code from lustre_init_lsi() [27/29] lustre: ldlm: discard l_lock from struct ldlm_lock. [v2,28/29] lustre: ldlm: don't access l_resource when not locked. [v2,29/29] lustre: ldlm: drop SLAB_TYPESAFE_BY_RCU from ldlm_lock slab.

James Simmons May 20, 2019, 12:50 p.m. UTC

From: Patrick Farrell <pfarrell@whamcloud.com>

Various error conditions in the fault path can cause us to
not return a page in vm_fault.  Check if it's present
before accessing it.

Additionally, it's not valid to return VM_FAULT_NOPAGE for
page faults.  The correct return when accessing a page that
does not exist is VM_FAULT_SIGBUS.  Correcting this avoids
looping infinitely in the testcase.

Signed-off-by: Patrick Farrell <pfarrell@whamcloud.com>
WC-bug-id: https://jira.whamcloud.com/browse/LU-11403
Reviewed-on: https://review.whamcloud.com/34247
Reviewed-by: Alex Zhuravlev <bzzz@whamcloud.com>
Reviewed-by: Alexander Zarochentsev <c17826@cray.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
 fs/lustre/llite/llite_mmap.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

NeilBrown May 22, 2019, 3:54 a.m. UTC | #1

On Mon, May 20 2019, James Simmons wrote:

> From: Patrick Farrell <pfarrell@whamcloud.com>
>
> Various error conditions in the fault path can cause us to
> not return a page in vm_fault.  Check if it's present
> before accessing it.

I cannot find any error conditions that would leave ->page NULL,
but that wouldn't set one of
  VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED
in 'result'.

Can someone provide an example?

(I have seen crashes with vmf->page being NULL, but they were caused
 by VM_FAULT_RETRY being #defined to 0 as lustre/llite/llite_internal.h
 still does on OpenSFS lustre)

>
> Additionally, it's not valid to return VM_FAULT_NOPAGE for
> page faults.  The correct return when accessing a page that
> does not exist is VM_FAULT_SIGBUS.  Correcting this avoids
> looping infinitely in the testcase.

I agree with that.  VM_FAULT_NOPAGE is valid for page_mkwrite - and
ll_page_mkwrite() has separate code to choose VM_FAULT_NOPAGE.
So the change to to_fault_error() is valid.

NeilBrown


>
> Signed-off-by: Patrick Farrell <pfarrell@whamcloud.com>
> WC-bug-id: https://jira.whamcloud.com/browse/LU-11403
> Reviewed-on: https://review.whamcloud.com/34247
> Reviewed-by: Alex Zhuravlev <bzzz@whamcloud.com>
> Reviewed-by: Alexander Zarochentsev <c17826@cray.com>
> Reviewed-by: Oleg Drokin <green@whamcloud.com>
> Signed-off-by: James Simmons <jsimmons@infradead.org>
> ---
>  fs/lustre/llite/llite_mmap.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/fs/lustre/llite/llite_mmap.c b/fs/lustre/llite/llite_mmap.c
> index 1865db1..c8e57ad 100644
> --- a/fs/lustre/llite/llite_mmap.c
> +++ b/fs/lustre/llite/llite_mmap.c
> @@ -238,9 +238,6 @@ static inline vm_fault_t to_fault_error(int result)
>  	case 0:
>  		result = VM_FAULT_LOCKED;
>  		break;
> -	case -EFAULT:
> -		result = VM_FAULT_NOPAGE;
> -		break;
>  	case -ENOMEM:
>  		result = VM_FAULT_OOM;
>  		break;
> @@ -366,7 +363,8 @@ static vm_fault_t ll_fault(struct vm_fault *vmf)
>  
>  restart:
>  	result = __ll_fault(vmf->vma, vmf);
> -	if (!(result & (VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED))) {
> +	if (vmf->page &&
> +	    !(result & (VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED))) {
>  		struct page *vmpage = vmf->page;
>  
>  		/* check if this page has been truncated */
> -- 
> 1.8.3.1

Patrick Farrell May 22, 2019, 12:48 p.m. UTC | #2

Neil,

If you can’t find any, I imagine they don’t exist, at least in your branch, given that difference you cited.

The particular case we had is here:
https://jira.whamcloud.com/browse/LU-11403

Which is when the file exists but has no striping info, and hence no data.

- Patrick

James Simmons May 22, 2019, 7:06 p.m. UTC | #3

> > From: Patrick Farrell <pfarrell@whamcloud.com>
> >
> > Various error conditions in the fault path can cause us to
> > not return a page in vm_fault.  Check if it's present
> > before accessing it.
> 
> I cannot find any error conditions that would leave ->page NULL,
> but that wouldn't set one of
>   VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED
> in 'result'.
> 
> Can someone provide an example?

Reproducer is here:

https://review.whamcloud.com/#/c/34247/7/lustre/tests/mmap_mknod_test.c

Just run mmap_mknod_test "file" and it will show this problem.

> (I have seen crashes with vmf->page being NULL, but they were caused
>  by VM_FAULT_RETRY being #defined to 0 as lustre/llite/llite_internal.h
>  still does on OpenSFS lustre)
> 
> >
> > Additionally, it's not valid to return VM_FAULT_NOPAGE for
> > page faults.  The correct return when accessing a page that
> > does not exist is VM_FAULT_SIGBUS.  Correcting this avoids
> > looping infinitely in the testcase.
> 
> I agree with that.  VM_FAULT_NOPAGE is valid for page_mkwrite - and
> ll_page_mkwrite() has separate code to choose VM_FAULT_NOPAGE.
> So the change to to_fault_error() is valid.
> 
> NeilBrown
> 
> 
> >
> > Signed-off-by: Patrick Farrell <pfarrell@whamcloud.com>
> > WC-bug-id: https://jira.whamcloud.com/browse/LU-11403
> > Reviewed-on: https://review.whamcloud.com/34247
> > Reviewed-by: Alex Zhuravlev <bzzz@whamcloud.com>
> > Reviewed-by: Alexander Zarochentsev <c17826@cray.com>
> > Reviewed-by: Oleg Drokin <green@whamcloud.com>
> > Signed-off-by: James Simmons <jsimmons@infradead.org>
> > ---
> >  fs/lustre/llite/llite_mmap.c | 6 ++----
> >  1 file changed, 2 insertions(+), 4 deletions(-)
> >
> > diff --git a/fs/lustre/llite/llite_mmap.c b/fs/lustre/llite/llite_mmap.c
> > index 1865db1..c8e57ad 100644
> > --- a/fs/lustre/llite/llite_mmap.c
> > +++ b/fs/lustre/llite/llite_mmap.c
> > @@ -238,9 +238,6 @@ static inline vm_fault_t to_fault_error(int result)
> >  	case 0:
> >  		result = VM_FAULT_LOCKED;
> >  		break;
> > -	case -EFAULT:
> > -		result = VM_FAULT_NOPAGE;
> > -		break;
> >  	case -ENOMEM:
> >  		result = VM_FAULT_OOM;
> >  		break;
> > @@ -366,7 +363,8 @@ static vm_fault_t ll_fault(struct vm_fault *vmf)
> >  
> >  restart:
> >  	result = __ll_fault(vmf->vma, vmf);
> > -	if (!(result & (VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED))) {
> > +	if (vmf->page &&
> > +	    !(result & (VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED))) {
> >  		struct page *vmpage = vmf->page;
> >  
> >  		/* check if this page has been truncated */
> > -- 
> > 1.8.3.1
>

NeilBrown May 22, 2019, 11:26 p.m. UTC | #4

On Wed, May 22 2019, Patrick Farrell wrote:

> Neil,
>
> If you can’t find any, I imagine they don’t exist, at least in your branch, given that difference you cited.
>
> The particular case we had is here:
> https://jira.whamcloud.com/browse/LU-11403
>
> Which is when the file exists but has no striping info, and hence no data.

Hi Patrick,
Thanks for the reply.  Looking at that issue it appears that the root
cause is -EFAULT being returned from lov_io_init_empty, which then got
returned by ll_fault_io_init and then was converted by to_fault_error
into VM_FAULT_NOPAGE.

The test

 	if (!(result & (VM_FAULT_RETRY | VM_FAULT_ERROR | VM_FAULT_LOCKED))) {

in ll_fault() doesn't notice VM_FAULT_NOPAGE (it is not part of
VM_FAULT_ERROR), so the 'then' branch is run, which triggers the
problem.

Just changing to_fault_error() to convert  -EFAULT to VM_FAULT_SIGBUS,
as you did, cause the 'if' to do "the right thing", as VM_FAULT_SIGBUS
is one of the flags in VM_FAULT_ERROR.

So the extra test on vmf->page is redundant.  If there has been no
error, and we don't need to retry, then vmf->page *must* exist.

I've changed the commit message to explain this, so what I have now is
below.

Thanks,
NeilBrown

From: Patrick Farrell <pfarrell@whamcloud.com>
Date: Mon, 20 May 2019 08:50:43 -0400
Subject: [PATCH] lustre: llite: ll_fault fix

Error conditions in the fault path such as a fault on a file without
stripes (see lov_io_init_emtpy()) can cause us to
not return a page in vm_fault, and to report -EFAULT.

-EFAULT is currently mapped to VM_FAULT_NOPAGE by to_fault_error(),
and ll_fault doesn't recognize this as an error which might leave
->page unset, and tries to dereference vmf->page.

VM_FAULT_NOPAGE is *not* a valid status for .fault, only for
.page_mkwrite and .pfn_mkwrite.  So change to_fault_error() to
instead map -EFAULT to VM_FAULT_SIGBUS.  This is part of
VM_FAULT_ERROR, so ll_fault will *not* dereference vmf->page when that
error code is set.

Signed-off-by: Patrick Farrell <pfarrell@whamcloud.com>
WC-bug-id: https://jira.whamcloud.com/browse/LU-11403
Reviewed-on: https://review.whamcloud.com/34247
Reviewed-by: Alex Zhuravlev <bzzz@whamcloud.com>
Reviewed-by: Alexander Zarochentsev <c17826@cray.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
Signed-off-by: NeilBrown <neilb@suse.com>
---
 fs/lustre/llite/llite_mmap.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/fs/lustre/llite/llite_mmap.c b/fs/lustre/llite/llite_mmap.c
index 1865db1237ce..59fb40029306 100644
--- a/fs/lustre/llite/llite_mmap.c
+++ b/fs/lustre/llite/llite_mmap.c
@@ -238,9 +238,6 @@ static inline vm_fault_t to_fault_error(int result)
 	case 0:
 		result = VM_FAULT_LOCKED;
 		break;
-	case -EFAULT:
-		result = VM_FAULT_NOPAGE;
-		break;
 	case -ENOMEM:
 		result = VM_FAULT_OOM;
 		break;

Patrick Farrell May 23, 2019, 12:13 a.m. UTC | #5

Neil,

Memory has surfaced here.  There was a not-documented-where-I-can-find-it report of a null pointer on “page” here that came in around the same time running - I believe - racer (a big messy “do random things from many threads” test).  No obvious explanation for how we got the problem but I added the check since it was simple enough.

But I’m perfectly comfortable with you removing it and seeing if something occurs again.

- Patrick

[v2,01/29] lustre: llite: ll_fault fixes

Commit Message

Comments

Patch