From mboxrd@z Thu Jan 1 00:00:00 1970
From: Mike Kravetz
Date: Thu, 10 Feb 2022 11:42:33 -0800
Subject: Re: [PATCH] mm/hugetlb: Fix kernel crash with hugetlb mremap
To: "Aneesh Kumar K.V", linux-mm@kvack.org, akpm@linux-foundation.org
Cc: Mina Almasry
References: <20220210073111.61199-1-aneesh.kumar@linux.ibm.com>
In-Reply-To: <20220210073111.61199-1-aneesh.kumar@linux.ibm.com>

On 2/9/22 23:31, Aneesh Kumar K.V wrote:
> This fixes the below crash:
>
> kernel BUG at include/linux/mm.h:2373!
> cpu 0x5d: Vector: 700 (Program Check) at [c00000003c6e76e0]
> pc: c000000000581a54: pmd_to_page+0x54/0x80
> lr: c00000000058d184: move_hugetlb_page_tables+0x4e4/0x5b0
> sp: c00000003c6e7980
> msr: 9000000000029033
> current = 0xc00000003bd8d980
> paca = 0xc000200fff610100 irqmask: 0x03 irq_happened: 0x01
> pid = 9349, comm = hugepage-mremap
> kernel BUG at include/linux/mm.h:2373!
> [link register ] c00000000058d184 move_hugetlb_page_tables+0x4e4/0x5b0
> [c00000003c6e7980] c00000000058cecc move_hugetlb_page_tables+0x22c/0x5b0 (unreliable)
> [c00000003c6e7a90] c00000000053b78c move_page_tables+0xdbc/0x1010
> [c00000003c6e7bd0] c00000000053bc34 move_vma+0x254/0x5f0
> [c00000003c6e7c90] c00000000053c790 sys_mremap+0x7c0/0x900
> [c00000003c6e7db0] c00000000002c450 system_call_exception+0x160/0x2c0
>
> the kernel can't use huge_pte_offset before it set the pte entry because a page table
> lookup check for huge PTE bit in the page table to differentiate between a
> huge pte entry and a pointer to pte page. A huge_pte_alloc won't mark the
> page table entry huge and hence kernel should not use huge_pte_offset after
> a huge_pte_alloc.

Thanks Aneesh!

Architectures that use the default version of huge_pte_offset (like X86)
'got away' with this because of the default return:

	pmd = pmd_offset(pud, addr);
	/* must be pmd huge, non-present or none */
	return (pte_t *)pmd;

>
> Cc: Mina Almasry
> Cc: Mike Kravetz
> Signed-off-by: Aneesh Kumar K.V

Should we add a Fixes: tag and cc stable?

> ---
> mm/hugetlb.c | 7 +++----
> 1 file changed, 3 insertions(+), 4 deletions(-)

Reviewed-by: Mike Kravetz
--
Mike Kravetz

>
> diff --git a/mm/hugetlb.c b/mm/hugetlb.c > index 61895cc01d09..e57650a9404f 100644 > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c 
> @@ -4851,14 +4851,13 @@ int copy_hugetlb_page_range(struct mm_struct *dst, struct mm_struct *src, > } > > static void move_huge_pte(struct vm_area_struct *vma, unsigned long old_addr, > - unsigned long new_addr, pte_t *src_pte) > + unsigned long new_addr, pte_t *src_pte, pte_t *dst_pte) > { > struct hstate *h = hstate_vma(vma); > struct mm_struct *mm = vma->vm_mm; > - pte_t *dst_pte, pte; > spinlock_t *src_ptl, *dst_ptl; > + pte_t pte; > > - dst_pte = huge_pte_offset(mm, new_addr, huge_page_size(h)); > dst_ptl = huge_pte_lock(h, mm, dst_pte); > src_ptl = huge_pte_lockptr(h, mm, src_pte); > > @@ -4917,7 +4916,7 @@ int move_hugetlb_page_tables(struct vm_area_struct *vma, > if (!dst_pte) > break; > > - move_huge_pte(vma, old_addr, new_addr, src_pte); > + move_huge_pte(vma, old_addr, new_addr, src_pte, dst_pte); > } > flush_tlb_range(vma, old_end - len, old_end); > mmu_notifier_invalidate_range_end(&range);
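
Review bot: In the first hunk, move_huge_pte() now takes dst_pte from its caller and hands it directly to huge_pte_lock(h, mm, dst_pte) with no check of its own, so the function gains a precondition that is not written down anywhere: dst_pte must be non-NULL and must be the entry for new_addr. A short comment above the function saying that the caller supplies the pointer it obtained from the allocation, and that huge_pte_offset must not be used to find it again (the reason given in the changelog), would keep a later cleanup from reintroducing the lookup.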
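
Review bot: In the second hunk, the call move_huge_pte(vma, old_addr, new_addr, src_pte, dst_pte) relies on the `if (!dst_pte) break;` just above it to satisfy the callee's non-NULL requirement; the pairing is correct but implicit, and a one-line comment at the call site tying the two together would help. The changelog as quoted also names no commit that introduced the huge_pte_offset lookup, which makes it hard to tell which trees need the fix; a Fixes: tag would settle that.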
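
The failure mode discussed in this message, as a simplified userspace model added here (not kernel code and not part of the original patch or thread): a lookup that tests the huge bit cannot find a slot that was only allocated, while the default-style lookup returns it anyway. The single-level table, `HUGE_BIT`, `model_alloc`, `lookup_default`, `lookup_strict`, `move_entry` and `run_case` are assumptions made for illustration, as is the strict lookup returning NULL for an entry without the huge bit.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simplified userspace model, not kernel code: one table level, 8 slots. */
#define HUGE_BIT    0x1u   /* constructed flag: slot holds a huge leaf entry */
#define HPAGE_SHIFT 21     /* constructed: 2 MiB huge pages */
#define SLOTS       8
typedef uint64_t entry_t;
static entry_t table[SLOTS];

static entry_t *slot_for(unsigned long addr) { return &table[(addr >> HPAGE_SHIFT) % SLOTS]; }
/* Models huge_pte_alloc(): returns the slot but leaves it empty (no HUGE_BIT). */
static entry_t *model_alloc(unsigned long addr) { return slot_for(addr); }
/* Models the default lookup quoted in the reply: the slot is returned as-is. */
static entry_t *lookup_default(unsigned long addr) { return slot_for(addr); }
/* Models a lookup that tests the huge bit first; NULL otherwise is an assumption. */
static entry_t *lookup_strict(unsigned long addr)
{
    entry_t *e = slot_for(addr);
    return (*e & HUGE_BIT) ? e : NULL;
}

/* Moves one entry. relookup=1 is the pre-patch shape (destination re-derived by
 * lookup after allocation); relookup=0 passes the allocated pointer through. */
static int move_entry(unsigned long old_addr, unsigned long new_addr,
                      entry_t *(*lookup)(unsigned long), int relookup)
{
    entry_t *src = lookup(old_addr);
    entry_t *dst = model_alloc(new_addr);
    if (relookup)
        dst = lookup(new_addr);
    if (!src || !dst)
        return -1;   /* model reports failure instead of locking a bad pointer */
    *dst = *src;
    *src = 0;
    return 0;
}

/* Resets the table with one huge entry at address 0, then runs one move. */
static int run_case(entry_t *(*lookup)(unsigned long), int relookup)
{
    memset(table, 0, sizeof(table));
    table[0] = 0x200000u | HUGE_BIT;   /* constructed sample entry */
    return move_entry(0, 1UL << HPAGE_SHIFT, lookup, relookup);
}

int main(void)
{
    printf("%d %d %d\n", run_case(lookup_default, 1), run_case(lookup_strict, 1), run_case(lookup_strict, 0));
    return 0;
}
```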