|
xen-devel
[Xen-devel] Re: Is: [PATCH] x86/paravirt: PTE updates in k(un)map_atomic
|
To: |
Jeremy Fitzhardinge <jeremy@xxxxxxxx>, akpm@xxxxxxxxxxxxxxxxxxxx |
|
Subject: |
[Xen-devel] Re: Is: [PATCH] x86/paravirt: PTE updates in k(un)map_atomic need to be synchronous, regardless of lazy_mmu mode. Was: Re: [PATCH] x86/paravirt: Partially revert "remove lazy mode in interrupts" |
|
From: |
Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> |
|
Date: |
Fri, 30 Sep 2011 10:22:59 -0400 |
|
Cc: |
xen-devel@xxxxxxxxxxxxxxxxxxx, Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>, Jeremy Fitzhardinge <jeremy.fitzhardinge@xxxxxxxxxx>, x86@xxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, stefan.bader@xxxxxxxxxxxxx, Ingo Molnar <mingo@xxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxxxxx>, stable@xxxxxxxxxx |
|
Delivery-date: |
Fri, 30 Sep 2011 07:31:11 -0700 |
|
Envelope-to: |
www-data@xxxxxxxxxxxxxxxxxxx |
|
In-reply-to: |
<20110926193453.GA9717@xxxxxxxxxxxxxxxxx> |
|
List-help: |
<mailto:xen-devel-request@lists.xensource.com?subject=help> |
|
List-id: |
Xen developer discussion <xen-devel.lists.xensource.com> |
|
List-post: |
<mailto:xen-devel@lists.xensource.com> |
|
List-subscribe: |
<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
|
List-unsubscribe: |
<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
|
References: |
<1317042797-19975-1-git-send-email-konrad.wilk@xxxxxxxxxx> <4E80A6BD.3070703@xxxxxxxx> <20110926193453.GA9717@xxxxxxxxxxxxxxxxx> |
|
Sender: |
xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
> >From 09966678dd645b68a422c9bf0223b13e73387302 Mon Sep 17 00:00:00 2001
> From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> Date: Fri, 23 Sep 2011 17:02:29 -0400
> Subject: [PATCH] x86/paravirt: PTE updates in k(un)map_atomic need to be
> synchronous, regardless of lazy_mmu mode.
>
> This patch fixes an outstanding issue that has been reported since 2.6.37.
> Under a heavy loaded machine processing "fork()" calls could keepover with:
Hm, looks like I forgot to include Andrew on this.
Andrew, what is your opinion on this tiny little critical patch?
>
> BUG: unable to handle kernel paging request at f573fc8c
> IP: [<c01abc54>] swap_count_continued+0x104/0x180
> *pdpt = 000000002a3b9027 *pde = 0000000001bed067 *pte = 0000000000000000
> Oops: 0000 [#1] SMP
> Modules linked in:
> Pid: 1638, comm: apache2 Not tainted 3.0.4-linode37 #1
> EIP: 0061:[<c01abc54>] EFLAGS: 00210246 CPU: 3
> EIP is at swap_count_continued+0x104/0x180
> .. snip..
> Call Trace:
> [<c01ac222>] ? __swap_duplicate+0xc2/0x160
> [<c01040f7>] ? pte_mfn_to_pfn+0x87/0xe0
> [<c01ac2e4>] ? swap_duplicate+0x14/0x40
> [<c01a0a6b>] ? copy_pte_range+0x45b/0x500
> [<c01a0ca5>] ? copy_page_range+0x195/0x200
> [<c01328c6>] ? dup_mmap+0x1c6/0x2c0
> [<c0132cf8>] ? dup_mm+0xa8/0x130
> [<c013376a>] ? copy_process+0x98a/0xb30
> [<c013395f>] ? do_fork+0x4f/0x280
> [<c01573b3>] ? getnstimeofday+0x43/0x100
> [<c010f770>] ? sys_clone+0x30/0x40
> [<c06c048d>] ? ptregs_clone+0x15/0x48
> [<c06bfb71>] ? syscall_call+0x7/0xb
>
> The problem is that in copy_page_range we turn lazy mode on, and then
> in swap_entry_free we call swap_count_continued which ends up in:
>
> map = kmap_atomic(page, KM_USER0) + offset;
>
> and then later we touch *map.
>
> Since we are running in batched mode (lazy) we don't actually set up the
> PTE mappings and the kmap_atomic is not done synchronously and ends up
> trying to dereference a page that has not been set.
>
> Looking at kmap_atomic_prot_pfn, it uses 'arch_flush_lazy_mmu_mode' and
> doing the same in kmap_atomic_prot and __kunmap_atomic makes the problem
> go away.
>
> Interestingly, git commit b8bcfe997e46150fedcc3f5b26b846400122fdd9
> removed part of this to fix an interrupt issue - but it went to far
> and did not consider this scenario.
>
> CC: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> CC: Ingo Molnar <mingo@xxxxxxxxxx>
> CC: "H. Peter Anvin" <hpa@xxxxxxxxx>
> CC: x86@xxxxxxxxxx
> CC: Peter Zijlstra <a.p.zijlstra@xxxxxxxxx>
> CC: Jeremy Fitzhardinge <jeremy.fitzhardinge@xxxxxxxxxx>
> CC: stable@xxxxxxxxxx
> [v1: Redid the commit description per Jeremy's apt suggestion]
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> ---
> arch/x86/mm/highmem_32.c | 2 ++
> 1 files changed, 2 insertions(+), 0 deletions(-)
>
> diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c
> index b499626..f4f29b1 100644
> --- a/arch/x86/mm/highmem_32.c
> +++ b/arch/x86/mm/highmem_32.c
> @@ -45,6 +45,7 @@ void *kmap_atomic_prot(struct page *page, pgprot_t prot)
> vaddr = __fix_to_virt(FIX_KMAP_BEGIN + idx);
> BUG_ON(!pte_none(*(kmap_pte-idx)));
> set_pte(kmap_pte-idx, mk_pte(page, prot));
> + arch_flush_lazy_mmu_mode();
>
> return (void *)vaddr;
> }
> @@ -88,6 +89,7 @@ void __kunmap_atomic(void *kvaddr)
> */
> kpte_clear_flush(kmap_pte-idx, vaddr);
> kmap_atomic_idx_pop();
> + arch_flush_lazy_mmu_mode();
> }
> #ifdef CONFIG_DEBUG_HIGHMEM
> else {
> --
> 1.7.4.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
Home