diff mbox series

[v2] mm,hwpoison:Differentiate Action Required error in current and non current process

Message ID 20210119120956.7f901b76.yaoaili@kingsoft.com (mailing list archive)
State New
Headers show
Series [v2] mm,hwpoison:Differentiate Action Required error in current and non current process | expand

Commit Message

Aili Yao Jan. 19, 2021, 4:15 a.m. UTC
Hello,From 6f7f0582509e1b2aaa23e06868fee96f024e9551 Mon Sep 17 00:00:00 2001
From: Aili Yao <yaoaili@kingsoft.com>
Date: Tue, 19 Jan 2021 11:46:50 +0800
Subject: [PATCH] mm,hwpoison:Differentiate Action Required error in current
 and non current process

When a memory uncorrected error is triggered by process A who accessed
the address with error; It's Action Required Case for only current
process which triggered this.this Action Required case means Action
optional to other process who share the same page. Usually, kill current
process will be sufficient, other process sharing the same page will
get be signaled when they really touch the poisoned page.

But there is another scenario that other processes
sharing the same page want to be signaled early with PF_MCE_EARLY set,
In this case, we should get them into kill list and signal
BUS_MCEERR_AO to them.

So in this patch, task_early_kill will check current process if
force_early is set, and if not current,check find_early_kill_thread
to see if there is PF_MCE_EARLY process which cares the error.

In kill_proc, BUS_MCEERR_AR is only send to current, other process in
kill list will be signaled BUS_MCEERR_AO.

Signed-off-by: Aili Yao <yaoaili@kingsoft.com>
---
 mm/memory-failure.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

Comments

HORIGUCHI NAOYA(堀口 直也) Jan. 20, 2021, 12:06 a.m. UTC | #1
Hi Aili,

On Tue, Jan 19, 2021 at 12:15:30PM +0800, Aili Yao wrote:
> Hello,From 6f7f0582509e1b2aaa23e06868fee96f024e9551 Mon Sep 17 00:00:00 2001
> From: Aili Yao <yaoaili@kingsoft.com>
> Date: Tue, 19 Jan 2021 11:46:50 +0800
> Subject: [PATCH] mm,hwpoison:Differentiate Action Required error in current
>  and non current process

You don't have to add these header info into patch description because
git can get them from email headers.
# scripts/checkpatch.pl shows some warning due to these.

> 
> When a memory uncorrected error is triggered by process A who accessed
> the address with error; It's Action Required Case for only current
> process which triggered this.this Action Required case means Action
> optional to other process who share the same page. Usually, kill current
> process will be sufficient, other process sharing the same page will
> get be signaled when they really touch the poisoned page.
> 
> But there is another scenario that other processes
> sharing the same page want to be signaled early with PF_MCE_EARLY set,
> In this case, we should get them into kill list and signal
> BUS_MCEERR_AO to them.
> 
> So in this patch, task_early_kill will check current process if
> force_early is set, and if not current,check find_early_kill_thread
> to see if there is PF_MCE_EARLY process which cares the error.
> 
> In kill_proc, BUS_MCEERR_AR is only send to current, other process in
> kill list will be signaled BUS_MCEERR_AO.
> 
> Signed-off-by: Aili Yao <yaoaili@kingsoft.com>
> ---
>  mm/memory-failure.c | 19 ++++++++++++-------
>  1 file changed, 12 insertions(+), 7 deletions(-)
> 
> diff --git a/mm/memory-failure.c b/mm/memory-failure.c
> index 5a38e9eade94..808ff7c24f38 100644
> --- a/mm/memory-failure.c
> +++ b/mm/memory-failure.c
> @@ -243,9 +243,12 @@ static int kill_proc(struct to_kill *tk, unsigned long pfn, int flags)
>  			pfn, t->comm, t->pid);
>  
>  	if (flags & MF_ACTION_REQUIRED) {
> -		WARN_ON_ONCE(t != current);
> -		ret = force_sig_mceerr(BUS_MCEERR_AR,
> +		if (tk->tsk == current)
> +			ret = force_sig_mceerr(BUS_MCEERR_AR,
>  					 (void __user *)tk->addr, addr_lsb);
> +		else
> +			ret = send_sig_mceerr(BUS_MCEERR_AO, (void __user *)tk->addr,
> +				addr_lsb, t);
>  	} else {
>  		/*
>  		 * Don't use force here, it's convenient if the signal
> @@ -391,10 +394,14 @@ static void kill_procs(struct list_head *to_kill, int forcekill, bool fail,
>  			 * signal and then access the memory. Just kill it.
>  			 */
>  			if (fail || tk->addr == -EFAULT) {
> -				pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
> -				       pfn, tk->tsk->comm, tk->tsk->pid);
> -				do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
> +				if (tk->tsk == current) {
> +					pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
> +						pfn, tk->tsk->comm, tk->tsk->pid);
> +					do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
>  						 tk->tsk, PIDTYPE_PID);
> +				} else if (kill_proc(tk, pfn, flags) < 0)
> +					pr_err("Memory failure: %#lx: Cannot send advisory machine check signal to %s:%d\n",
> +						pfn, tk->tsk->comm, tk->tsk->pid);

This seems to change (maybe beyond the intent of this patch) the behavior of
action optional events, i.e. without this patch all processes on to_kill list
receive SIGKILL.  but with patch SIGKILL is sent only to current (if it
happens to be linked to to_kill list) and any other processes on the list
receive SIGBUSs. Any justification on this change?

This code path is for failure in error handling, where we can't do anything
more.  So I think that just killing all affected processes with SIGKILL as
we do now is the expected behavior.

>  			}
>  
>  			/*
> @@ -457,8 +464,6 @@ static struct task_struct *task_early_kill(struct task_struct *tsk,
>  		 */
>  		if (tsk->mm == current->mm)
>  			return current;
> -		else
> -			return NULL;

Please update the comment above this function about action required case.

Thanks,
Naoya Horiguchi
Aili Yao Jan. 20, 2021, 6:07 a.m. UTC | #2
On Wed, 20 Jan 2021 00:06:14 +0000
HORIGUCHI NAOYA(堀口 直也) <naoya.horiguchi@nec.com> wrote:

> You don't have to add these header info into patch description because
> git can get them from email headers.
> # scripts/checkpatch.pl shows some warning due to these.

yes, i will change this. Thanks.

> >  			if (fail || tk->addr == -EFAULT) {
> > -				pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
> > -				       pfn, tk->tsk->comm, tk->tsk->pid);
> > -				do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
> > +				if (tk->tsk == current) {
> > +					pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
> > +						pfn, tk->tsk->comm, tk->tsk->pid);
> > +					do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
> >  						 tk->tsk, PIDTYPE_PID);
> > +				} else if (kill_proc(tk, pfn, flags) < 0)
> > +					pr_err("Memory failure: %#lx: Cannot send advisory machine check signal to %s:%d\n",
> > +						pfn, tk->tsk->comm, tk->tsk->pid);  
> 
> This seems to change (maybe beyond the intent of this patch) the behavior of
> action optional events, i.e. without this patch all processes on to_kill list
> receive SIGKILL.  but with patch SIGKILL is sent only to current (if it
> happens to be linked to to_kill list) and any other processes on the list
> receive SIGBUSs. Any justification on this change?
> 
> This code path is for failure in error handling, where we can't do anything
> more.  So I think that just killing all affected processes with SIGKILL as
> we do now is the expected behavior.

you are right, I have some misunderstanding here, we need to keep the original code. Thanks for correction

> >  			/*
> > @@ -457,8 +464,6 @@ static struct task_struct *task_early_kill(struct task_struct *tsk,
> >  		 */
> >  		if (tsk->mm == current->mm)
> >  			return current;
> > -		else
> > -			return NULL;  
> 
> Please update the comment above this function about action required case.

yes, I will add some comments here! I will submit a v3 patch.

Thank you!
diff mbox series

Patch

diff --git a/mm/memory-failure.c b/mm/memory-failure.c
index 5a38e9eade94..808ff7c24f38 100644
--- a/mm/memory-failure.c
+++ b/mm/memory-failure.c
@@ -243,9 +243,12 @@  static int kill_proc(struct to_kill *tk, unsigned long pfn, int flags)
 			pfn, t->comm, t->pid);
 
 	if (flags & MF_ACTION_REQUIRED) {
-		WARN_ON_ONCE(t != current);
-		ret = force_sig_mceerr(BUS_MCEERR_AR,
+		if (tk->tsk == current)
+			ret = force_sig_mceerr(BUS_MCEERR_AR,
 					 (void __user *)tk->addr, addr_lsb);
+		else
+			ret = send_sig_mceerr(BUS_MCEERR_AO, (void __user *)tk->addr,
+				addr_lsb, t);
 	} else {
 		/*
 		 * Don't use force here, it's convenient if the signal
@@ -391,10 +394,14 @@  static void kill_procs(struct list_head *to_kill, int forcekill, bool fail,
 			 * signal and then access the memory. Just kill it.
 			 */
 			if (fail || tk->addr == -EFAULT) {
-				pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
-				       pfn, tk->tsk->comm, tk->tsk->pid);
-				do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
+				if (tk->tsk == current) {
+					pr_err("Memory failure: %#lx: forcibly killing %s:%d because of failure to unmap corrupted page\n",
+						pfn, tk->tsk->comm, tk->tsk->pid);
+					do_send_sig_info(SIGKILL, SEND_SIG_PRIV,
 						 tk->tsk, PIDTYPE_PID);
+				} else if (kill_proc(tk, pfn, flags) < 0)
+					pr_err("Memory failure: %#lx: Cannot send advisory machine check signal to %s:%d\n",
+						pfn, tk->tsk->comm, tk->tsk->pid);
 			}
 
 			/*
@@ -457,8 +464,6 @@  static struct task_struct *task_early_kill(struct task_struct *tsk,
 		 */
 		if (tsk->mm == current->mm)
 			return current;
-		else
-			return NULL;
 	}
 	return find_early_kill_thread(tsk);
 }