From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCEA1C6FD1C for ; Fri, 24 Mar 2023 15:34:35 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 55D776B0072; Fri, 24 Mar 2023 11:34:35 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 50CAA6B0074; Fri, 24 Mar 2023 11:34:35 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3AE426B0075; Fri, 24 Mar 2023 11:34:35 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 2A65D6B0072 for ; Fri, 24 Mar 2023 11:34:35 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 025FD1C6138 for ; Fri, 24 Mar 2023 15:34:34 +0000 (UTC) X-FDA: 80604188910.19.25FF3D6 Received: from mail-yw1-f172.google.com (mail-yw1-f172.google.com [209.85.128.172]) by imf04.hostedemail.com (Postfix) with ESMTP id 23C4340010 for ; Fri, 24 Mar 2023 15:34:31 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b="D0t/wHjU"; spf=pass (imf04.hostedemail.com: domain of jiaqiyan@google.com designates 209.85.128.172 as permitted sender) smtp.mailfrom=jiaqiyan@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1679672072; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=VxGXu+Uw23+T5p5CFinBnc2v6eN3+lROdGb6EStrVL8=; b=hiCsjcBR+PC3x56+jMTIkG3m2TS/aEE9Z3rRlGo6nNdCjNj3zwSpS98DNAiWPf/sSgLFUn ZDKXDkC35c6cLd6rT5Yuqi5AD6M5+pxO+MluZISfSEtD+C56w1a4lbt0DZenS2ZbpvL0Df VEJQp1jMtianHgwNKkgYr4duQ5sQNBA= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=google.com header.s=20210112 header.b="D0t/wHjU"; spf=pass (imf04.hostedemail.com: domain of jiaqiyan@google.com designates 209.85.128.172 as permitted sender) smtp.mailfrom=jiaqiyan@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1679672072; a=rsa-sha256; cv=none; b=0rbY3oetVsa33+IGyhahQ6QqNogNUdQkotlqyltKmHmkSMoEXBf3dYdC3amC+cbXw72wGr WFHKDHO7dpDIVFIjSEscCntUnDNkdPfb1PUv3KaaFTbLuJW7w2b+yymaak7sSVE6hyEX10 pstB+a7Jlk9OX8dAOHkI7rbJEU++jh4= Received: by mail-yw1-f172.google.com with SMTP id 00721157ae682-5447d217bc6so39396567b3.7 for ; Fri, 24 Mar 2023 08:34:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; t=1679672071; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=VxGXu+Uw23+T5p5CFinBnc2v6eN3+lROdGb6EStrVL8=; b=D0t/wHjUHMfwwBkHI+Of3jAuqjp5xXHDDUWauKQgISk9LRsSu62DOFn0NwX/tkprec Qift4nh7+AsWRdfHYFSjC620wVYyCgKCuDAs3xpqSO2it+T21GiQzmTCKaQrxqiBdM6t N+ce7VPkN/40lIgeZPoucSmCKXGaYhR8Y7MUaPcmk90KTBBZ6vSEyXS4HUoK/Wbyi34w dNaoX+zWS3u2Bg27P7DBRBrp3BP/LF3YNLBK0xMHyr/oIrImp9VbrZcSEmS/tE8f1piV hkfcUbQsj2agnKd68YJuVhwDdlqnZua3t26I1KakSKPBcojYZG5kUTmtb+sBGLc0A+uc fspA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1679672071; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VxGXu+Uw23+T5p5CFinBnc2v6eN3+lROdGb6EStrVL8=; b=LKTBJXYqwa0cDLBf6J8HcVGEtGHwCirfbKFpIVPMimYUVM2BUMxGaKOrYuacAt6Yv0 LIRC9nT0WU4/TBrROYodcl9T5pt7i6VYpbi42jdn+ZaAGdJvT8f9VrccHIYHHXKKvXDK AEYHNUSzofrNVOAq/ymuiwdxOGjU/4kFN/l+dQEt5QrBTFVGTu3wHPoTVIDDWlYFDk87 ix4LHzs1mpamo0uhpu8KGeY0gQjibwL1jTkldlu5KJf+nXN9TMhA4auhtspXEO2sYI0F ITNOx5ZxLovD0MLoCaWuLSt7gm6h8LoDD+qQRmGJyy7ICQxoF3gvMk3jwIm4jUAVLx7M b76g== X-Gm-Message-State: AAQBX9drUBUof3SxLZCL11FBzKMPR6BSuL/fqS8VXB362O9CFhNzBEdD 7AeVuM+cvRCJBILoF+JAbHEH2rDJWj/kKv4sVNaPIQ== X-Google-Smtp-Source: AKy350aX/ClpHnvb6+PLQx/aWQQTeI9YpBhGW3Vw188h8sdXf5ju718+vgbvjB0jLpRa0i/i+9DUZBTyBzF6OQJRR2A= X-Received: by 2002:a81:bd06:0:b0:541:a17f:c77d with SMTP id b6-20020a81bd06000000b00541a17fc77dmr1248985ywi.10.1679672070865; Fri, 24 Mar 2023 08:34:30 -0700 (PDT) MIME-Version: 1.0 References: <20230305065112.1932255-1-jiaqiyan@google.com> <20230305065112.1932255-2-jiaqiyan@google.com> In-Reply-To: From: Jiaqi Yan Date: Fri, 24 Mar 2023 08:34:19 -0700 Message-ID: Subject: Re: [PATCH v10 1/3] mm/khugepaged: recover from poisoned anonymous memory To: Yang Shi Cc: kirill.shutemov@linux.intel.com, kirill@shutemov.name, tongtiangen@huawei.com, tony.luck@intel.com, akpm@linux-foundation.org, naoya.horiguchi@nec.com, linmiaohe@huawei.com, linux-mm@kvack.org, osalvador@suse.de, wangkefeng.wang@huawei.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 23C4340010 X-Stat-Signature: mqmfb4f4nazxebsihoyje5xnsuxesksz X-HE-Tag: 1679672071-471246 X-HE-Meta: U2FsdGVkX18+ndejWxeeIFpI69ZQv5iG2Fa9mZcRQ8iC8Igo4jtbGjfJsqMvzFiSJXEm1Vj5chTK4LwvjVMRLMAFJjM9ysMQzTSI7Hd04CI16tQqOICcjIzsv6NDf9SejgYw8AqgIsC8Bxk5CkhzHbBO6ltZGQiWsnMa4CKeReUbdYuqimLAsMsQilAhb5G/uMLQJo3ylqUUwmV5F2lr399dHzp+a5wLI9VJbxmAeeR3SGyNr2hNEGfnWACzLQbdBFBeOQxmoFXPU3JJwQa+mom24DTFCJrLIsmp21S4SJLCOvf1+pDkB+w02zUSNsutz4sO7y8vpTn4Ka/0WImNE9tRRmyB6iCU05yeRgRGJ7RQsOfgaadMnBG95Vc46ivwJ7Xkint6m3xRsW2XcSgs40/xvQWDhQEW2qQB1DVIM4kxnbeoXAQYgMH2YVTR2h0jbiZnW9gqGUf70L+f4Wf/+kPOpZ6/sV9wsWG6/JahoVB3nrA/BGRJ/TIkdLClXaXWELrEuygOOPR7kEsQe/9q7sZNdp468t96DmD7jcLyQ1xjFVLTO2XhhJ/qGT86HlN3PobcrBG3SBiWUtwPjq0jeuuIaMqjmDzHOy3YipsSi78iAtiHIaBuB9cMTNggx8t7xZZYRqU+0wRjn4FQ0f0QO0GIpBmHCpOb9MCQJEY9FZ6ug/ggEzI5fd04RtgU8V1utkE6xQ1VtmkUFR9VCjqvYmNsA6XhGZPUKYzc+EzhRIX33gPJsN+ejQqSGw4Tka3pjMaPjtz4LgsuSASlcuN1PdAT0s6Ru3UcnNJbbooxIGFe4wMfXC2a4jO9+GPONJwQ5OnVdWP5ZHaEkW6U3wiwUzPCADMauy9olZsoo0jcKIyjeOWf93MX+/8IkPGSpTlO30u/MP8S3AF7uOk5MQ2EwB2SguBT9KTrl3s7spVi2W4qV8yZotSShcRyE8a/w7XBOC097CFUWCbCk9f9t4p IOP0edpG ub3sOuSUMoTeZaPB0knknpXG0n4FhKZi5QUIDz/G7GxJNwd6UMHvLlzRXCeaidRQ+4BDwbCJu+C+CFEOVZ5jhwR/Nc3mo4kJnZ8MEhlyvuH4woQCV5iB5QWzDOvSilD/PVrploxbbFf4gsRHHq+acXp94hFdG1v1lRjhMS0WYT861D0B1C/MnQIuxVucl51Yaa8ffJH21mo5nI0QS/dpaGPwUs4+lcexQRIbDyqXVhoyF3lLpO1uin62rEjClgl3gKRzRgo+yXd5KOwcCnQJUHXAJXwm2vX3hUb5rOgHCJ1eLw84= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Thu, Mar 23, 2023 at 2:38=E2=80=AFPM Yang Shi wrot= e: > > On Sat, Mar 4, 2023 at 10:51=E2=80=AFPM Jiaqi Yan w= rote: > > > > Make __collapse_huge_page_copy return whether copying anonymous pages > > succeeded, and make collapse_huge_page handle the return status. > > > > Break existing PTE scan loop into two for-loops. The first loop copies > > source pages into target huge page, and can fail gracefully when runnin= g > > into memory errors in source pages. If copying all pages succeeds, the > > second loop releases and clears up these normal pages. Otherwise, the > > second loop rolls back the page table and page states by: > > - re-establishing the original PTEs-to-PMD connection. > > - releasing source pages back to their LRU list. > > > > Tested manually: > > 0. Enable khugepaged on system under test. > > 1. Start a two-thread application. Each thread allocates a chunk of > > non-huge anonymous memory buffer. > > 2. Pick 4 random buffer locations (2 in each thread) and inject > > uncorrectable memory errors at corresponding physical addresses. > > 3. Signal both threads to make their memory buffer collapsible, i.e. > > calling madvise(MADV_HUGEPAGE). > > 4. Wait and check kernel log: khugepaged is able to recover from poison= ed > > pages and skips collapsing them. > > 5. Signal both threads to inspect their buffer contents and make sure n= o > > data corruption. > > > > Signed-off-by: Jiaqi Yan > > --- > > include/trace/events/huge_memory.h | 3 +- > > mm/khugepaged.c | 148 ++++++++++++++++++++++++----- > > 2 files changed, 128 insertions(+), 23 deletions(-) > > > > diff --git a/include/trace/events/huge_memory.h b/include/trace/events/= huge_memory.h > > index 3e6fb05852f9a..46cce509957ba 100644 > > --- a/include/trace/events/huge_memory.h > > +++ b/include/trace/events/huge_memory.h > > @@ -36,7 +36,8 @@ > > EM( SCAN_ALLOC_HUGE_PAGE_FAIL, "alloc_huge_page_failed") = \ > > EM( SCAN_CGROUP_CHARGE_FAIL, "ccgroup_charge_failed") = \ > > EM( SCAN_TRUNCATED, "truncated") = \ > > - EMe(SCAN_PAGE_HAS_PRIVATE, "page_has_private") = \ > > + EM( SCAN_PAGE_HAS_PRIVATE, "page_has_private") = \ > > + EMe(SCAN_COPY_MC, "copy_poisoned_page") = \ > > > > #undef EM > > #undef EMe > > diff --git a/mm/khugepaged.c b/mm/khugepaged.c > > index 27956d4404134..c3c217f6ebc6e 100644 > > --- a/mm/khugepaged.c > > +++ b/mm/khugepaged.c > > @@ -19,6 +19,7 @@ > > #include > > #include > > #include > > +#include > > > > #include > > #include > > @@ -55,6 +56,7 @@ enum scan_result { > > SCAN_CGROUP_CHARGE_FAIL, > > SCAN_TRUNCATED, > > SCAN_PAGE_HAS_PRIVATE, > > + SCAN_COPY_MC, > > }; > > > > #define CREATE_TRACE_POINTS > > @@ -681,47 +683,47 @@ static int __collapse_huge_page_isolate(struct vm= _area_struct *vma, > > return result; > > } > > > > -static void __collapse_huge_page_copy(pte_t *pte, struct page *page, > > - struct vm_area_struct *vma, > > - unsigned long address, > > - spinlock_t *ptl, > > - struct list_head *compound_pageli= st) > > +static void __collapse_huge_page_copy_succeeded(pte_t *pte, > > + pmd_t *pmd, > > + struct vm_area_struct *= vma, > > + unsigned long address, > > + spinlock_t *pte_ptl, > > + struct list_head *compo= und_pagelist) > > { > > struct page *src_page, *tmp; > > pte_t *_pte; > > - for (_pte =3D pte; _pte < pte + HPAGE_PMD_NR; > > - _pte++, page++, address +=3D PAGE_SIZE)= { > > - pte_t pteval =3D *_pte; > > + pte_t pteval; > > + unsigned long _address; > > > > + for (_pte =3D pte, _address =3D address; _pte < pte + HPAGE_PMD= _NR; > > + _pte++, _address +=3D PAGE_SIZE) { > > + pteval =3D *_pte; > > if (pte_none(pteval) || is_zero_pfn(pte_pfn(pteval))) { > > - clear_user_highpage(page, address); > > add_mm_counter(vma->vm_mm, MM_ANONPAGES, 1); > > if (is_zero_pfn(pte_pfn(pteval))) { > > /* > > - * ptl mostly unnecessary. > > + * pte_ptl mostly unnecessary. > > */ > > - spin_lock(ptl); > > - ptep_clear(vma->vm_mm, address, _pte); > > - spin_unlock(ptl); > > + spin_lock(pte_ptl); > > Why did you have to rename ptl to pte_ptl? It seems unnecessary. Thanks, I will use `ptl` in the next version. > > > + pte_clear(vma->vm_mm, _address, _pte); > > + spin_unlock(pte_ptl); > > } > > } else { > > src_page =3D pte_page(pteval); > > - copy_user_highpage(page, src_page, address, vma= ); > > if (!PageCompound(src_page)) > > release_pte_page(src_page); > > /* > > - * ptl mostly unnecessary, but preempt has to > > - * be disabled to update the per-cpu stats > > + * pte_ptl mostly unnecessary, but preempt has > > + * to be disabled to update the per-cpu stats > > * inside page_remove_rmap(). > > */ > > - spin_lock(ptl); > > - ptep_clear(vma->vm_mm, address, _pte); > > + spin_lock(pte_ptl); > > + ptep_clear(vma->vm_mm, _address, _pte); > > page_remove_rmap(src_page, vma, false); > > - spin_unlock(ptl); > > + spin_unlock(pte_ptl); > > free_page_and_swap_cache(src_page); > > } > > } > > - > > list_for_each_entry_safe(src_page, tmp, compound_pagelist, lru)= { > > list_del(&src_page->lru); > > mod_node_page_state(page_pgdat(src_page), > > @@ -733,6 +735,104 @@ static void __collapse_huge_page_copy(pte_t *pte,= struct page *page, > > } > > } > > > > +static void __collapse_huge_page_copy_failed(pte_t *pte, > > + pmd_t *pmd, > > + pmd_t orig_pmd, > > + struct vm_area_struct *vma= , > > + unsigned long address, > > + struct list_head *compound= _pagelist) > > +{ > > + struct page *src_page, *tmp; > > + pte_t *_pte; > > + pte_t pteval; > > + unsigned long _address; > > + spinlock_t *pmd_ptl; > > + > > + /* > > + * Re-establish the PMD to point to the original page table > > + * entry. Restoring PMD needs to be done prior to releasing > > + * pages. Since pages are still isolated and locked here, > > + * acquiring anon_vma_lock_write is unnecessary. > > + */ > > + pmd_ptl =3D pmd_lock(vma->vm_mm, pmd); > > + pmd_populate(vma->vm_mm, pmd, pmd_pgtable(orig_pmd)); > > + spin_unlock(pmd_ptl); > > + /* > > + * Release both raw and compound pages isolated > > + * in __collapse_huge_page_isolate. > > + */ > > It looks like the below code could be replaced by release_pte_pages() > with advancing _pte to (pte + HPAGE_PMD_NR - 1). > Yeah, but I think _pte should be (pte + HPAGE_PMR_NR) because _pte is decremented before comparison in release_pte_pages(pte, _pte, compound_pagelist): while (--_pte >=3D pte) {...} Advancing _pte to (pte + HPAGE_PMD_NR - 1) may leave the last page not rele= ased. > > > + for (_pte =3D pte, _address =3D address; _pte < pte + HPAGE_PMD= _NR; > > + _pte++, _address +=3D PAGE_SIZE) { > > + pteval =3D *_pte; > > + if (pte_none(pteval) || is_zero_pfn(pte_pfn(pteval))) > > + continue; > > + src_page =3D pte_page(pteval); > > + if (!PageCompound(src_page)) > > + release_pte_page(src_page); > > + } > > + list_for_each_entry_safe(src_page, tmp, compound_pagelist, lru)= { > > + list_del(&src_page->lru); > > + release_pte_page(src_page); > > + } > > +} > > + > > +/* > > + * __collapse_huge_page_copy - attempts to copy memory contents from r= aw > > + * pages to a hugepage. Cleans up the raw pages if copying succeeds; > > + * otherwise restores the original page table and releases isolated ra= w pages. > > + * Returns SCAN_SUCCEED if copying succeeds, otherwise returns SCAN_CO= PY_MC. > > + * > > + * @pte: starting of the PTEs to copy from > > + * @page: the new hugepage to copy contents to > > + * @pmd: pointer to the new hugepage's PMD > > + * @orig_pmd: the original raw pages' PMD > > + * @vma: the original raw pages' virtual memory area > > + * @address: starting address to copy > > + * @pte_ptl: lock on raw pages' PTEs > > + * @compound_pagelist: list that stores compound pages > > + */ > > +static int __collapse_huge_page_copy(pte_t *pte, > > + struct page *page, > > + pmd_t *pmd, > > + pmd_t orig_pmd, > > + struct vm_area_struct *vma, > > + unsigned long address, > > + spinlock_t *pte_ptl, > > + struct list_head *compound_pagelis= t) > > +{ > > + struct page *src_page; > > + pte_t *_pte; > > + pte_t pteval; > > + unsigned long _address; > > + int result =3D SCAN_SUCCEED; > > + > > + /* > > + * Copying pages' contents is subject to memory poison at any i= teration. > > + */ > > + for (_pte =3D pte, _address =3D address; _pte < pte + HPAGE_PMD= _NR; > > + _pte++, page++, _address +=3D PAGE_SIZE) { > > + pteval =3D *_pte; > > + if (pte_none(pteval) || is_zero_pfn(pte_pfn(pteval))) { > > + clear_user_highpage(page, _address); > > + continue; > > + } > > + src_page =3D pte_page(pteval); > > + if (copy_mc_user_highpage(page, src_page, _address, vma= ) > 0) { > > + result =3D SCAN_COPY_MC; > > + break; > > + } > > + } > > + > > + if (likely(result =3D=3D SCAN_SUCCEED)) > > + __collapse_huge_page_copy_succeeded(pte, pmd, vma, addr= ess, > > + pte_ptl, compound_p= agelist); > > + else > > + __collapse_huge_page_copy_failed(pte, pmd, orig_pmd, vm= a, > > + address, compound_page= list); > > + > > + return result; > > +} > > + > > static void khugepaged_alloc_sleep(void) > > { > > DEFINE_WAIT(wait); > > @@ -1106,9 +1206,13 @@ static int collapse_huge_page(struct mm_struct *= mm, unsigned long address, > > */ > > anon_vma_unlock_write(vma->anon_vma); > > > > - __collapse_huge_page_copy(pte, hpage, vma, address, pte_ptl, > > - &compound_pagelist); > > + result =3D __collapse_huge_page_copy(pte, hpage, pmd, _pmd, > > + vma, address, pte_ptl, > > + &compound_pagelist); > > pte_unmap(pte); > > + if (unlikely(result !=3D SCAN_SUCCEED)) > > + goto out_up_write; > > + > > /* > > * spin_lock() below is not the equivalent of smp_wmb(), but > > * the smp_wmb() inside __SetPageUptodate() can be reused to > > -- > > 2.40.0.rc0.216.gc4246ad0f0-goog > >