[002/156] powerpc/mm: add DEBUG_VM WARN for pmd_clear

Message ID	20201016024103.HqDhEKFCQ%akpm@linux-foundation.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=b3Y1=DX=kvack.org=owner-linux-mm@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C8C7420FC3 Date: Thu, 15 Oct 2020 19:41:03 -0700 From: Andrew Morton <akpm@linux-foundation.org> To: akpm@linux-foundation.org, aneesh.kumar@linux.ibm.com, anshuman.khandual@arm.com, christophe.leroy@csgroup.eu, linux-mm@kvack.org, mm-commits@vger.kernel.org, mpe@ellerman.id.au, torvalds@linux-foundation.org Subject: [patch 002/156] powerpc/mm: add DEBUG_VM WARN for pmd_clear Message-ID: <20201016024103.HqDhEKFCQ%akpm@linux-foundation.org> In-Reply-To: <20201015192732.f448da14e9854c7cb7299956@linux-foundation.org> User-Agent: s-nail v14.8.16 Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	[001/156] device-dax/kmem: fix resource release \| expand [001/156] device-dax/kmem: fix resource release [002/156] powerpc/mm: add DEBUG_VM WARN for pmd_clear [003/156] powerpc/mm: move setting pte specific flags to pfn_pte [004/156] mm/debug_vm_pgtable/ppc64: avoid setting top bits in radom value [005/156] mm/debug_vm_pgtables/hugevmap: use the arch helper to identify huge vmap support. [006/156] mm/debug_vm_pgtable/savedwrite: enable savedwrite test with CONFIG_NUMA_BALANCING [007/156] mm/debug_vm_pgtable/THP: mark the pte entry huge before using set_pmd/pud_at [008/156] mm/debug_vm_pgtable/set_pte/pmd/pud: don't use set__at to update an existing pte entry [009/156] mm/debug_vm_pgtable/locks: move non page table modifying test together [010/156] mm/debug_vm_pgtable/locks: take correct page table lock [011/156] mm/debug_vm_pgtable/thp: use page table depost/withdraw with THP [012/156] mm/debug_vm_pgtable/pmd_clear: don't use pmd/pud_clear on pte entries [013/156] mm/debug_vm_pgtable/hugetlb: disable hugetlb test on ppc64 [014/156] mm/debug_vm_pgtable: avoid none pte in pte_clear_test [015/156] mm/debug_vm_pgtable: avoid doing memory allocation with pgtable_t mapped. [016/156] XArray: add xa_get_order [017/156] XArray: add xas_split [018/156] mm/filemap: fix storing to a THP shadow entry [019/156] mm/filemap: fix page cache removal for arbitrary sized THPs [020/156] mm/memory: remove page fault assumption of compound page size [021/156] mm/page_owner: change split_page_owner to take a count [022/156] mm/huge_memory: fix total_mapcount assumption of page size [023/156] mm/huge_memory: fix split assumption of page size [024/156] mm/huge_memory: fix page_trans_huge_mapcount assumption of THP size [025/156] mm/huge_memory: fix can_split_huge_page assumption of THP size [026/156] mm/rmap: fix assumptions of THP size [027/156] mm/truncate: fix truncation for pages of arbitrary size [028/156] mm/page-writeback: support tail pages in wait_for_stable_page [029/156] mm/vmscan: allow arbitrary sized pages to be paged out [030/156] fs: add a filesystem flag for THPs [031/156] fs: do not update nr_thps for mappings which support THPs [032/156] mm: fix a race during THP splitting [033/156] mm/readahead: add DEFINE_READAHEAD [034/156] mm/readahead: make page_cache_ra_unbounded take a readahead_control [035/156] mm/readahead: make do_page_cache_ra take a readahead_control [036/156] mm/readahead: make ondemand_readahead take a readahead_control [037/156] mm/readahead: pass readahead_control to force_page_cache_ra [038/156] mm/readahead: add page_cache_sync_ra and page_cache_async_ra [039/156] mm/filemap: fold ra_submit into do_sync_mmap_readahead [040/156] mm/readahead: pass a file_ra_state into force_page_cache_ra [041/156] mm,hwpoison: cleanup unused PageHuge() check [042/156] mm, hwpoison: remove recalculating hpage [043/156] mm,hwpoison-inject: don't pin for hwpoison_filter [044/156] mm,hwpoison: unexport get_hwpoison_page and make it static [045/156] mm,hwpoison: refactor madvise_inject_error [046/156] mm,hwpoison: kill put_hwpoison_page [047/156] mm,hwpoison: unify THP handling for hard and soft offline [048/156] mm,hwpoison: rework soft offline for free pages [049/156] mm,hwpoison: rework soft offline for in-use pages [050/156] mm,hwpoison: refactor soft_offline_huge_page and __soft_offline_page [051/156] mm,hwpoison: return 0 if the page is already poisoned in soft-offline [052/156] mm,hwpoison: introduce MF_MSG_UNSPLIT_THP [053/156] mm,hwpoison: double-check page count in __get_any_page() [054/156] mm,hwpoison: try to narrow window race for free pages [055/156] mm/page_poison.c: replace bool variable with static key [056/156] mm/vmstat.c: use helper macro abs() [057/156] mm/util.c: update the kerneldoc for kstrdup_const() [058/156] mm/mmu_notifier: fix mmget() assert in __mmu_interval_notifier_insert [059/156] mm/memory_hotplug: inline __offline_pages() into offline_pages() [060/156] mm/memory_hotplug: enforce section granularity when onlining/offlining [061/156] mm/memory_hotplug: simplify page offlining [062/156] mm/page_alloc: simplify __offline_isolated_pages() [063/156] mm/memory_hotplug: drop nr_isolate_pageblock in offline_pages() [064/156] mm/page_isolation: simplify return value of start_isolate_page_range() [065/156] mm/memory_hotplug: simplify page onlining [066/156] mm/page_alloc: drop stale pageblock comment in memmap_init_zone() [067/156] mm: pass migratetype into memmap_init_zone() and move_pfn_range_to_zone() [068/156] mm/memory_hotplug: mark pageblocks MIGRATE_ISOLATE while onlining memory [069/156] kernel/resource: make release_mem_region_adjustable() never fail [070/156] kernel/resource: move and rename IORESOURCE_MEM_DRIVER_MANAGED [071/156] mm/memory_hotplug: guard more declarations by CONFIG_MEMORY_HOTPLUG [072/156] mm/memory_hotplug: prepare passing flags to add_memory() and friends [073/156] mm/memory_hotplug: MEMHP_MERGE_RESOURCE to specify merging of System RAM resources [074/156] virtio-mem: try to merge system ram resources [075/156] xen/balloon: try to merge system ram resources [076/156] hv_balloon: try to merge system ram resources [077/156] kernel/resource: make iomem_resource implicit in release_mem_region_adjustable() [078/156] mm: don't panic when links can't be created in sysfs [079/156] mm/page_alloc: convert "report" flag of __free_one_page() to a proper flag [080/156] mm/page_alloc: place pages to tail in __putback_isolated_page() [081/156] mm/page_alloc: move pages to tail in move_to_free_list() [082/156] mm/page_alloc: place pages to tail in __free_pages_core() [083/156] mm/memory_hotplug: update comment regarding zone shuffling [084/156] zram: failing to decompress is WARN_ON worthy [085/156] mm/slab.h: remove duplicate include [086/156] mm/page_reporting.c: drop stale list head check in page_reporting_cycle [087/156] mm/highmem.c: clean up endif comments [088/156] mm: use self-explanatory macros rather than "2" [089/156] mm: fix some broken comments [090/156] mm: fix some comments formatting [091/156] mm/workingset.c: fix some doc warnings [092/156] mm: use helper function put_write_access() [093/156] include/linux/mmzone.h: remove unused early_pfn_valid() [094/156] mm: rename page_order() to buddy_order() [095/156] fs: configfs: delete repeated words in comments [096/156] kernel.h: split out min()/max() et al. helpers [097/156] kernel/sys.c: replace do_brk with do_brk_flags in comment of prctl_set_mm_map() [098/156] kernel/: fix repeated words in comments [099/156] kernel: acct.c: fix some kernel-doc nits [100/156] get_maintainer: add test for file in VCS [101/156] get_maintainer: exclude MAINTAINERS file(s) from --git-fallback [102/156] MAINTAINERS: jarkko.sakkinen@linux.intel.com -> jarkko@kernel.org [103/156] lib: bitmap: delete duplicated words [104/156] lib: libcrc32c: delete duplicated words [105/156] lib: decompress_bunzip2: delete duplicated words [106/156] lib: dynamic_queue_limits: delete duplicated words + fix typo [107/156] lib: earlycpio: delete duplicated words [108/156] lib: radix-tree: delete duplicated words [109/156] lib: syscall: delete duplicated words [110/156] lib: test_sysctl: delete duplicated words [111/156] lib/mpi/mpi-bit.c: fix spello of "functions" [112/156] lib/idr.c: document calling context for IDA APIs mustn't use locks [113/156] lib/idr.c: document that ida_simple_{get,remove}() are deprecated [114/156] lib/scatterlist.c: avoid a double memset [115/156] lib/percpu_counter.c: use helper macro abs() [116/156] include/linux/list.h: add a macro to test if entry is pointing to the head [117/156] lib/test_hmm.c: fix an error code in dmirror_allocate_chunk() [118/156] lib/crc32.c: fix trivial typo in preprocessor condition [119/156] bitops: simplify get_count_order_long() [120/156] bitops: use the same mechanism for get_count_order[_long] [121/156] checkpatch: add --kconfig-prefix [122/156] checkpatch: move repeated word test [123/156] checkpatch: add test for comma use that should be semicolon [124/156] const_structs.checkpatch: add phy_ops [125/156] checkpatch: warn if trace_printk and friends are called [126/156] const_structs.checkpatch: add pinctrl_ops and pinmux_ops [127/156] checkpatch: warn on self-assignments [128/156] checkpatch: allow not using -f with files that are in git [129/156] checkpatch: extend author Signed-off-by check for split From: header [130/156] checkpatch: emit a warning on embedded filenames [131/156] checkpatch: fix multi-statement macro checks for while blocks. [132/156] checkpatch: fix false positive on empty block comment lines [133/156] checkpatch: add new warnings to author signoff checks. [134/156] fs/binfmt_elf: use PT_LOAD p_align values for suitable start address [135/156] tools/testing/selftests: add self-test for verifying load alignment [136/156] binfmt_elf_fdpic: stop using dump_emit() on user pointers on !MMU [137/156] coredump: let dump_emit() bail out on short writes [138/156] coredump: refactor page range dumping into common helper [139/156] coredump: rework elf/elf_fdpic vma_dump_size() into common helper [140/156] binfmt_elf, binfmt_elf_fdpic: use a VMA list snapshot [141/156] mm/gup: take mmap_lock in get_dump_page() [142/156] mm: remove the now-unnecessary mmget_still_valid() hack [143/156] ramfs: fix nommu mmap with gaps in the page cache [144/156] autofs: harden ioctl table [145/156] nilfs2: fix some kernel-doc warnings for nilfs2 [146/156] rapidio: fix error handling path [147/156] rapidio: fix the missed put_device() for rio_mport_add_riodev [148/156] panic: dump registers on panic_on_warn [149/156] kernel/relay.c: drop unneeded initialization [150/156] scripts/gdb/proc: add struct mount & struct super_block addr in lx-mounts command [151/156] scripts/gdb/tasks: add headers and improve spacing format [152/156] sched.h: drop in_ubsan field when UBSAN is in trap mode [153/156] ubsan: introduce CONFIG_UBSAN_LOCAL_BOUNDS for Clang [154/156] ROMFS: support inode blocks calculation [155/156] lib, include/linux: add usercopy failure capability [156/156] lib, uaccess: add failure injection to usercopy functions

Message ID

20201016024103.HqDhEKFCQ%akpm@linux-foundation.org (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C8C7420FC3
Date: Thu, 15 Oct 2020 19:41:03 -0700
From: Andrew Morton <akpm@linux-foundation.org>
To: akpm@linux-foundation.org, aneesh.kumar@linux.ibm.com,
 anshuman.khandual@arm.com, christophe.leroy@csgroup.eu,
 linux-mm@kvack.org, mm-commits@vger.kernel.org, mpe@ellerman.id.au,
 torvalds@linux-foundation.org
Subject: [patch 002/156] powerpc/mm: add DEBUG_VM WARN for
 pmd_clear
Message-ID: <20201016024103.HqDhEKFCQ%akpm@linux-foundation.org>
In-Reply-To: <20201015192732.f448da14e9854c7cb7299956@linux-foundation.org>
User-Agent: s-nail v14.8.16
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

[001/156] device-dax/kmem: fix resource release | expand

Commit Message

Andrew Morton Oct. 16, 2020, 2:41 a.m. UTC

From: "Aneesh Kumar K.V" <aneesh.kumar@linux.ibm.com>
Subject: powerpc/mm: add DEBUG_VM WARN for pmd_clear

Patch series "mm/debug_vm_pgtable fixes", v4.

This patch series includes fixes for debug_vm_pgtable test code so that
they follow page table updates rules correctly.  The first two patches
introduce changes w.r.t ppc64.

Hugetlb test is disabled on ppc64 because that needs larger change to satisfy
page table update rules.

These tests are broken w.r.t page table update rules and results in kernel
crash as below. 

[   21.083519] kernel BUG at arch/powerpc/mm/pgtable.c:304!
cpu 0x0: Vector: 700 (Program Check) at [c000000c6d1e76c0]
    pc: c00000000009a5ec: assert_pte_locked+0x14c/0x380
    lr: c0000000005eeeec: pte_update+0x11c/0x190
    sp: c000000c6d1e7950
   msr: 8000000002029033
  current = 0xc000000c6d172c80
  paca    = 0xc000000003ba0000   irqmask: 0x03   irq_happened: 0x01
    pid   = 1, comm = swapper/0
kernel BUG at arch/powerpc/mm/pgtable.c:304!
[link register   ] c0000000005eeeec pte_update+0x11c/0x190
[c000000c6d1e7950] 0000000000000001 (unreliable)
[c000000c6d1e79b0] c0000000005eee14 pte_update+0x44/0x190
[c000000c6d1e7a10] c000000001a2ca9c pte_advanced_tests+0x160/0x3d8
[c000000c6d1e7ab0] c000000001a2d4fc debug_vm_pgtable+0x7e8/0x1338
[c000000c6d1e7ba0] c0000000000116ec do_one_initcall+0xac/0x5f0
[c000000c6d1e7c80] c0000000019e4fac kernel_init_freeable+0x4dc/0x5a4
[c000000c6d1e7db0] c000000000012474 kernel_init+0x24/0x160
[c000000c6d1e7e20] c00000000000cbd0 ret_from_kernel_thread+0x5c/0x6c

With DEBUG_VM disabled

[   20.530152] BUG: Kernel NULL pointer dereference on read at 0x00000000
[   20.530183] Faulting instruction address: 0xc0000000000df330
cpu 0x33: Vector: 380 (Data SLB Access) at [c000000c6d19f700]
    pc: c0000000000df330: memset+0x68/0x104
    lr: c00000000009f6d8: hash__pmdp_huge_get_and_clear+0xe8/0x1b0
    sp: c000000c6d19f990
   msr: 8000000002009033
   dar: 0
  current = 0xc000000c6d177480
  paca    = 0xc00000001ec4f400   irqmask: 0x03   irq_happened: 0x01
    pid   = 1, comm = swapper/0
[link register   ] c00000000009f6d8 hash__pmdp_huge_get_and_clear+0xe8/0x1b0
[c000000c6d19f990] c00000000009f748 hash__pmdp_huge_get_and_clear+0x158/0x1b0 (unreliable)
[c000000c6d19fa10] c0000000019ebf30 pmd_advanced_tests+0x1f0/0x378
[c000000c6d19fab0] c0000000019ed088 debug_vm_pgtable+0x79c/0x1244
[c000000c6d19fba0] c0000000000116ec do_one_initcall+0xac/0x5f0
[c000000c6d19fc80] c0000000019a4fac kernel_init_freeable+0x4dc/0x5a4
[c000000c6d19fdb0] c000000000012474 kernel_init+0x24/0x160
[c000000c6d19fe20] c00000000000cbd0 ret_from_kernel_thread+0x5c/0x6c


This patch (of 13):

With the hash page table, the kernel should not use pmd_clear for clearing
huge pte entries.  Add a DEBUG_VM WARN to catch the wrong usage.

Link: https://lkml.kernel.org/r/20200902114222.181353-1-aneesh.kumar@linux.ibm.com
Link: https://lkml.kernel.org/r/20200902114222.181353-2-aneesh.kumar@linux.ibm.com
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Anshuman Khandual <anshuman.khandual@arm.com>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.ibm.com>
Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 arch/powerpc/include/asm/book3s/64/pgtable.h |   14 ++++++++++++++
 1 file changed, 14 insertions(+)

--- a/arch/powerpc/include/asm/book3s/64/pgtable.h~powerpc-mm-add-debug_vm-warn-for-pmd_clear
+++ a/arch/powerpc/include/asm/book3s/64/pgtable.h
@@ -866,6 +866,13 @@  static inline bool pte_ci(pte_t pte)
 
 static inline void pmd_clear(pmd_t *pmdp)
 {
+	if (IS_ENABLED(CONFIG_DEBUG_VM) && !radix_enabled()) {
+		/*
+		 * Don't use this if we can possibly have a hash page table
+		 * entry mapping this.
+		 */
+		WARN_ON((pmd_val(*pmdp) & (H_PAGE_HASHPTE | _PAGE_PTE)) == (H_PAGE_HASHPTE | _PAGE_PTE));
+	}
 	*pmdp = __pmd(0);
 }
 
@@ -914,6 +921,13 @@  static inline int pmd_bad(pmd_t pmd)
 
 static inline void pud_clear(pud_t *pudp)
 {
+	if (IS_ENABLED(CONFIG_DEBUG_VM) && !radix_enabled()) {
+		/*
+		 * Don't use this if we can possibly have a hash page table
+		 * entry mapping this.
+		 */
+		WARN_ON((pud_val(*pudp) & (H_PAGE_HASHPTE | _PAGE_PTE)) == (H_PAGE_HASHPTE | _PAGE_PTE));
+	}
 	*pudp = __pud(0);
 }