All of lore.kernel.org
 help / color / mirror / Atom feed
From: Peter Xu <peterx@redhat.com>
To: Yu Zhao <yuzhao@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	"Huang, Ying" <ying.huang@intel.com>,
	Linux-MM <linux-mm@kvack.org>,
	linux-kernel <linux-kernel@vger.kernel.org>,
	Hugh Dickins <hughd@google.com>,
	"Kirill A . Shutemov" <kirill@shutemov.name>,
	Alistair Popple <apopple@nvidia.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Minchan Kim <minchan@kernel.org>,
	David Hildenbrand <david@redhat.com>,
	Andi Kleen <andi.kleen@intel.com>,
	Nadav Amit <nadav.amit@gmail.com>,
	Vlastimil Babka <vbabka@suse.cz>
Subject: Re: [PATCH v4 3/7] mm/swap: Add swp_offset_pfn() to fetch PFN from swap entry
Date: Tue, 23 Aug 2022 18:04:50 -0400	[thread overview]
Message-ID: <YwVPArKuo+bWxe6e@xz-m1.local> (raw)
In-Reply-To: <CAOUHufaVC2Za-p8m0aiHw6YkheDcrO-C3wRGixwDS32VTS+k1w@mail.gmail.com>

On Tue, Aug 23, 2022 at 03:01:09PM -0600, Yu Zhao wrote:
> On Thu, Aug 11, 2022 at 8:33 PM Huang, Ying <ying.huang@intel.com> wrote:
> >
> > Peter Xu <peterx@redhat.com> writes:
> >
> > > We've got a bunch of special swap entries that stores PFN inside the swap
> > > offset fields.  To fetch the PFN, normally the user just calls swp_offset()
> > > assuming that'll be the PFN.
> > >
> > > Add a helper swp_offset_pfn() to fetch the PFN instead, fetching only the
> > > max possible length of a PFN on the host, meanwhile doing proper check with
> > > MAX_PHYSMEM_BITS to make sure the swap offsets can actually store the PFNs
> > > properly always using the BUILD_BUG_ON() in is_pfn_swap_entry().
> > >
> > > One reason to do so is we never tried to sanitize whether swap offset can
> > > really fit for storing PFN.  At the meantime, this patch also prepares us
> > > with the future possibility to store more information inside the swp offset
> > > field, so assuming "swp_offset(entry)" to be the PFN will not stand any
> > > more very soon.
> > >
> > > Replace many of the swp_offset() callers to use swp_offset_pfn() where
> > > proper.  Note that many of the existing users are not candidates for the
> > > replacement, e.g.:
> > >
> > >   (1) When the swap entry is not a pfn swap entry at all, or,
> > >   (2) when we wanna keep the whole swp_offset but only change the swp type.
> > >
> > > For the latter, it can happen when fork() triggered on a write-migration
> > > swap entry pte, we may want to only change the migration type from
> > > write->read but keep the rest, so it's not "fetching PFN" but "changing
> > > swap type only".  They're left aside so that when there're more information
> > > within the swp offset they'll be carried over naturally in those cases.
> > >
> > > Since at it, dropping hwpoison_entry_to_pfn() because that's exactly what
> > > the new swp_offset_pfn() is about.
> > >
> > > Signed-off-by: Peter Xu <peterx@redhat.com>
> >
> > LGTM, Thanks!
> >
> > Reviewed-by: "Huang, Ying" <ying.huang@intel.com>
> 
> Hi,
> 
> I hit the following crash on mm-everything-2022-08-22-22-59. Please take a look.
> 
> Thanks.
> 
>   kernel BUG at include/linux/swapops.h:117!
>   CPU: 46 PID: 5245 Comm: EventManager_De Tainted: G S         O L
> 6.0.0-dbg-DEV #2
>   RIP: 0010:pfn_swap_entry_to_page+0x72/0xf0
>   Code: c6 48 8b 36 48 83 fe ff 74 53 48 01 d1 48 83 c1 08 48 8b 09 f6
> c1 01 75 7b 66 90 48 89 c1 48 8b 09 f6 c1 01 74 74 5d c3 eb 9e <0f> 0b
> 48 ba ff ff ff ff 03 00 00 00 eb ae a9 ff 0f 00 00 75 13 48
>   RSP: 0018:ffffa59e73fabb80 EFLAGS: 00010282
>   RAX: 00000000ffffffe8 RBX: 0c00000000000000 RCX: ffffcd5440000000
>   RDX: 1ffffffffff7a80a RSI: 0000000000000000 RDI: 0c0000000000042b
>   RBP: ffffa59e73fabb80 R08: ffff9965ca6e8bb8 R09: 0000000000000000
>   R10: ffffffffa5a2f62d R11: 0000030b372e9fff R12: ffff997b79db5738
>   R13: 000000000000042b R14: 0c0000000000042b R15: 1ffffffffff7a80a
>   FS:  00007f549d1bb700(0000) GS:ffff99d3cf680000(0000) knlGS:0000000000000000
>   CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>   CR2: 0000440d035b3180 CR3: 0000002243176004 CR4: 00000000003706e0
>   DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>   DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>   Call Trace:
>    <TASK>
>    change_pte_range+0x36e/0x880
>    change_p4d_range+0x2e8/0x670
>    change_protection_range+0x14e/0x2c0
>    mprotect_fixup+0x1ee/0x330
>    do_mprotect_pkey+0x34c/0x440
>    __x64_sys_mprotect+0x1d/0x30

The VM_BUG_ON added in this patch seems to have revealed a real bug,
because we probably shouldn't call pfn_swap_entry_to_page() upon e.g. a
genuine swap pte.

I'll post a patch shortly, thanks.

-- 
Peter Xu


  reply	other threads:[~2022-08-23 22:05 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-11 16:13 [PATCH v4 0/7] mm: Remember a/d bits for migration entries Peter Xu
2022-08-11 16:13 ` [PATCH v4 1/7] mm/x86: Use SWP_TYPE_BITS in 3-level swap macros Peter Xu
2022-08-11 16:13 ` [PATCH v4 2/7] mm/swap: Comment all the ifdef in swapops.h Peter Xu
2022-08-15  6:03   ` Alistair Popple
2022-08-11 16:13 ` [PATCH v4 3/7] mm/swap: Add swp_offset_pfn() to fetch PFN from swap entry Peter Xu
2022-08-12  2:33   ` Huang, Ying
2022-08-23 21:01     ` Yu Zhao
2022-08-23 22:04       ` Peter Xu [this message]
2022-08-11 16:13 ` [PATCH v4 4/7] mm/thp: Carry over dirty bit when thp splits on pmd Peter Xu
2022-10-21 16:06   ` dpkg fails on sparc64 (was: [PATCH v4 4/7] mm/thp: Carry over dirty bit when thp splits on pmd) Anatoly Pugachev
2022-10-23 13:33     ` dpkg fails on sparc64 (was: [PATCH v4 4/7] mm/thp: Carry over dirty bit when thp splits on pmd) #forregzbot Thorsten Leemhuis
2022-11-04 10:39       ` Thorsten Leemhuis
2022-11-13 17:56         ` Thorsten Leemhuis
2022-10-23 19:52     ` dpkg fails on sparc64 (was: [PATCH v4 4/7] mm/thp: Carry over dirty bit when thp splits on pmd) Peter Xu
2022-10-25 10:22       ` Anatoly Pugachev
2022-10-25 14:43         ` Peter Xu
2022-11-01 13:13           ` Anatoly Pugachev
2022-11-02 18:34             ` Peter Xu
2022-11-02 18:47               ` Andrew Morton
2022-08-11 16:13 ` [PATCH v4 5/7] mm: Remember young/dirty bit for page migrations Peter Xu
2022-09-11 23:48   ` Andrew Morton
2022-09-13  0:55     ` Huang, Ying
2022-08-11 16:13 ` [PATCH v4 6/7] mm/swap: Cache maximum swapfile size when init swap Peter Xu
2022-08-12  2:34   ` Huang, Ying
2022-08-11 16:13 ` [PATCH v4 7/7] mm/swap: Cache swap migration A/D bits support Peter Xu
2022-11-21  5:15 ` [PATCH v4 0/7] mm: Remember a/d bits for migration entries Raghavendra K T
2022-11-21 14:57   ` Peter Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YwVPArKuo+bWxe6e@xz-m1.local \
    --to=peterx@redhat.com \
    --cc=aarcange@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=andi.kleen@intel.com \
    --cc=apopple@nvidia.com \
    --cc=david@redhat.com \
    --cc=hughd@google.com \
    --cc=kirill@shutemov.name \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=minchan@kernel.org \
    --cc=nadav.amit@gmail.com \
    --cc=vbabka@suse.cz \
    --cc=ying.huang@intel.com \
    --cc=yuzhao@google.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.