Re: [BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Fri, May 01, 2009 at 07:48:46AM +1000, Benjamin Herrenschmidt wrote:
On Thu, 2009-04-30 at 21:59 +0100, Mel Gorman wrote:
This patch fixes the problem by not asseting the PTE is locked for VMAs
backed by huge pages.
Thanks, will apply.
What's the story with this patch? I'm still hearing of failures with huge pages
that this patch fixes but I'm no seeing it upstream. Was the patch
rejected or did it just slip through the cracks?
To refresh, an assertion is being made on ppc64 that only makes sense for
base pages. Hugepages through a wobbly every time. For convenience, here is
the patch again.
Thanks.
CUT HERE
powerpc: Do not assert pte_locked for hugepage PTE entries
With DEBUG_VM enabled, an assertion is made when changing the protection
flags of a PTE that the PTE is locked. Huge pages use a different
pagetable format and the assertion is bogus and will always trigger with
a bug looking something like
Unable to handle kernel paging request for data at address 0xf1a0023586f8
Faulting instruction address: 0xc0034a80
Oops: Kernel access of bad area, sig: 11 [#1]
SMP NR_CPUS=32 NUMA Maple
Modules linked in: dm_snapshot dm_mirror dm_region_hash
dm_log dm_mod loop evdev ext3 jbd mbcache sg sd_mod ide_pci_generic
pata_amd ata_generic ipr libata tg3 libphy scsi_mod windfarm_pid
windfarm_smu_sat windfarm_max6690_sensor windfarm_lm75_sensor
windfarm_cpufreq_clamp windfarm_core i2c_powermac
NIP: c0034a80 LR: c0034b18 CTR: 0003
REGS: c3037600 TRAP: 0300 Not tainted (2.6.30-rc3-autokern1)
MSR: 90009032 EE,ME,IR,DR CR: 28002484 XER: 200f
DAR: f1a0023586f8, DSISR: 4001
TASK = c002e54cc740[2960] 'map_high_trunca' THREAD: c3034000 CPU: 2
GPR00: 4000 c3037880 c0895d30 c002e5a2e500
GPR04: a000 c002edc40880 00570393 0001
GPR08: f00011ac 01a0023586e8 00f5 f1a0023586e8
GPR12: 28000484 c08dd780 1000
GPR16: f000 a000 c3037a20
GPR20: c002e5f4ece8 1000 c002edc40880
GPR24: c002e5f4ece8 a000 c002e5f4ece8
GPR28: 00570393 c002e5a2e500 a000 c3037880
NIP [c0034a80] .assert_pte_locked+0xa4/0xd0
LR [c0034b18] .ptep_set_access_flags+0x6c/0xb4
Call Trace:
[c3037880] [c3037990] 0xc3037990 (unreliable)
[c3037910] [c0034b18] .ptep_set_access_flags+0x6c/0xb4
[c30379b0] [c014bef8] .hugetlb_cow+0x124/0x674
[c3037b00] [c014c930] .hugetlb_fault+0x4e8/0x6f8
[c3037c00] [c013443c] .handle_mm_fault+0xac/0x828
[c3037cf0] [c00340a8] .do_page_fault+0x39c/0x584
[c3037e30] [c00057b0] handle_page_fault+0x20/0x5c
Instruction dump:
7d29582a 7d200074 7800d182 0b00 3c004000 3960 780007c6 796b00c4
7d290214 7929a302 1d290068 7d6b4a14 800b0010 7c74 7800d182 0b00
This patch fixes the problem by not asseting the PTE is locked for VMAs
backed by huge pages.
Signed-off-by: Mel Gorman m...@csn.ul.ie
---
arch/powerpc/mm/pgtable.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/mm/pgtable.c b/arch/powerpc/mm/pgtable.c
index f5c6fd4..ae1d67c 100644
--- a/arch/powerpc/mm/pgtable.c
+++ b/arch/powerpc/mm/pgtable.c
@@ -219,7 +219,8 @@ int ptep_set_access_flags(struct vm_area_struct *vma,
unsigned long address,
entry = do_dcache_icache_coherency(entry);
changed = !pte_same(*(ptep), entry);
if (changed) {
- assert_pte_locked(vma-vm_mm, address);
+ if (!(vma-vm_flags VM_HUGETLB))
+ assert_pte_locked(vma-vm_mm, address);
__ptep_set_access_flags(ptep, entry);
flush_tlb_page_nohash(vma, address);
}
___
Linuxppc-dev mailing list
Linuxppc-dev@ozlabs.org
https://ozlabs.org/mailman/listinfo/linuxppc-dev
Re: [BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Mon, 18 May 2009, Mel Gorman wrote: What's the story with this patch? I'm still hearing of failures with huge pages that this patch fixes but I'm no seeing it upstream. Was the patch rejected or did it just slip through the cracks? It didn't slip through the cracks, it was apparently just delayed. It's part of the merge requests I've gotten today (well, strictly speaking it seems to have hit my inbox just before midnight yesterday, but that's because those silly aussies stand upside down and sleep at odd hours). In fact, I just merged it, I haven't even had time to push that out. Linus ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev
Re: [BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Thu, 2009-04-30 at 21:59 +0100, Mel Gorman wrote:
This patch fixes the problem by not asseting the PTE is locked for VMAs
backed by huge pages.
Thanks, will apply.
Cheers,
Ben.
Signed-off-by: Mel Gorman m...@csn.ul.ie
---
arch/powerpc/mm/pgtable.c |3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/powerpc/mm/pgtable.c b/arch/powerpc/mm/pgtable.c
index f5c6fd4..ae1d67c 100644
--- a/arch/powerpc/mm/pgtable.c
+++ b/arch/powerpc/mm/pgtable.c
@@ -219,7 +219,8 @@ int ptep_set_access_flags(struct vm_area_struct *vma,
unsigned long address,
entry = do_dcache_icache_coherency(entry);
changed = !pte_same(*(ptep), entry);
if (changed) {
- assert_pte_locked(vma-vm_mm, address);
+ if (!(vma-vm_flags VM_HUGETLB))
+ assert_pte_locked(vma-vm_mm, address);
__ptep_set_access_flags(ptep, entry);
flush_tlb_page_nohash(vma, address);
}
___
Linuxppc-dev mailing list
Linuxppc-dev@ozlabs.org
https://ozlabs.org/mailman/listinfo/linuxppc-dev
Re: [BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Fri, 2009-04-24 at 10:51 +0100, Mel Gorman wrote: I'm seeing some tests with sysbench+postgres+large pages fail on ppc64 although a very clear pattern is not forming as to what exactly is causing it. However, the libhugetlbfs regression tests (make make func) are triggering the following oops when calling mlock() and so are likely related. This would be a spurrious WARN_ON().. the test I added in there should not apply to huge pages. However, I don't see that causing a functional problem with sysbench+postgres Ben. ___ Linuxppc-dev mailing list Linuxppc-dev@ozlabs.org https://ozlabs.org/mailman/listinfo/linuxppc-dev
[BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Tue, Apr 21, 2009 at 08:27:57PM -0700, Linus Torvalds wrote:
Another week, another -rc.
I'm seeing some tests with sysbench+postgres+large pages fail on ppc64
although a very clear pattern is not forming as to what exactly is
causing it. However, the libhugetlbfs regression tests (make make
func) are triggering the following oops when calling mlock() and so are
likely related.
[ cut here ]
kernel BUG at arch/powerpc/mm/pgtable.c:243!
Oops: Exception in kernel mode, sig: 5 [#1]
SMP NR_CPUS=128 NUMA pSeries
Modules linked in: dm_snapshot dm_mirror dm_region_hash dm_log qla2xxx
loop nfnetlink iptable_filter iptable_nat nf_nat ip_tables
nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT
xt_tcpudp xt_limit ipt_LOG xt_pkttype x_tables
NIP: c002becc LR: c002c02c CTR:
REGS: c000ea92b4c0 TRAP: 0700 Not tainted (2.6.30-rc3-autokern1)
MSR: 80029032 EE,ME,CE,IR,DR CR: 28000484 XER: 2020
TASK = c395b660[7611] 'mlock' THREAD: c000ea928000 CPU: 3
GPR00: 0001 c000ea92b740 c08ea170 c000ec7d4980
GPR04: 3f00 c001e2278cf8 00190393 0001
GPR08: f2bc 0113 c001e2278c81
GPR12: 44000482 c093b880 28004422
GPR16: c000ea92bbf0 c09f06f0 00190113 c000ec7d4980
GPR20: f2bc 3f00 c001e2278cf8
GPR24: c000eaa90bb0 c000eaa90bb0 c000ea928000
GPR28: f2bc 00190393 0001 c001e2278cf8
NIP [c002becc] .assert_pte_locked+0x54/0x8c
LR [c002c02c] .ptep_set_access_flags+0x50/0x8c
Call Trace:
[c000ea92b740] [c000eaa90bb0] 0xc000eaa90bb0 (unreliable)
[c000ea92b7d0] [c00ed1b0] .hugetlb_cow+0xd4/0x654
[c000ea92b900] [c00edbf0] .hugetlb_fault+0x4c0/0x708
[c000ea92b9f0] [c00ee890] .follow_hugetlb_page+0x174/0x364
[c000ea92bae0] [c00d8d30] .__get_user_pages+0x288/0x4c0
[c000ea92bbb0] [c00da10c] .make_pages_present+0xa0/0xe0
[c000ea92bc40] [c00db758] .mlock_fixup+0x90/0x228
[c000ea92bd00] [c00dbb38] .do_mlock+0xc4/0x128
[c000ea92bda0] [c00dbccc] .SyS_mlock+0xb0/0xec
[c000ea92be30] [c000852c] syscall_exit+0x0/0x40
Instruction dump:
0b00 78892662 79291f24 7d69582a 7d600074 7800d182 0b00 78895e62
79291f24 7d29582a 7d200074 7800d182 0b00 3c004000 3960
780007c6
---[ end trace 36a7faa04fa9452b ]---
This corresponds to
#ifdef CONFIG_DEBUG_VM
void assert_pte_locked(struct mm_struct *mm, unsigned long addr)
{
pgd_t *pgd;
pud_t *pud;
pmd_t *pmd;
if (mm == init_mm)
return;
pgd = mm-pgd + pgd_index(addr);
BUG_ON(pgd_none(*pgd));
pud = pud_offset(pgd, addr);
BUG_ON(pud_none(*pud));
pmd = pmd_offset(pud, addr);
BUG_ON(!pmd_present(*pmd)); - THIS LINE
BUG_ON(!spin_is_locked(pte_lockptr(mm, pmd)));
}
#endif /* CONFIG_DEBUG_VM */
This area was last changed by commit 8d30c14cab30d405a05f2aaceda1e9ad57800f36
in the 2.6.30-rc1 timeframe. I think there was another hugepage-related
problem with this patch but I can't remember what it was. Full dmesg is
dmesg
Using pSeries machine description
Page orders: linear mapping = 24, virtual = 12, io = 12, vmemmap = 24
Found initrd at 0xc330:0xc4b67000
console [udbg0] enabled
Partition configured for 8 cpus.
CPU maps initialized for 2 threads per core
(thread shift is 1)
Starting Linux PPC64 #1 SMP Fri Apr 24 09:08:10 UTC 2009
-
ppc64_pft_size= 0x1b
physicalMemorySize= 0x1e800
htab_hash_mask= 0xf
-
Initializing cgroup subsys cpuset
Linux version 2.6.30-rc3-autokern1 (r...@elm3a121) (gcc version 4.1.2 20061115
(prerelease) (Debian 4.1.1-21)) #1 SMP Fri Apr 24 09:08:10 UTC 2009
[boot]0012 Setup Arch
Node 0 Memory: 0x0-0xee00
Node 1 Memory: 0xee00-0x1e800
PCI host bridge /p...@8002001 ranges:
IO 0x03fe0010..0x03fe001f - 0x
MEM 0x04008000..0x0400bfff - 0xc000
PCI host bridge /p...@8002002 ranges:
IO 0x03fe0060..0x03fe006f - 0x
MEM 0x0401..0x04017fff - 0x8000
PCI host bridge /p...@8002003 ranges:
IO 0x03fe0030..0x03fe003f - 0x
MEM 0x0400c000..0x0400 - 0xc000
EEH: PCI Enhanced I/O Error Handling Enabled
PPC64 nvram contains 7168 bytes
Using dedicated idle loop
Zone PFN ranges:
DMA 0x - 0x001e8000
Normal 0x001e8000 - 0x001e8000
Re: [BUG] 2.6.30-rc3: BUG triggered on some hugepage usages
On Fri, 2009-04-24 at 10:51 +0100, Mel Gorman wrote:
On Tue, Apr 21, 2009 at 08:27:57PM -0700, Linus Torvalds wrote:
Another week, another -rc.
I'm seeing some tests with sysbench+postgres+large pages fail on ppc64
although a very clear pattern is not forming as to what exactly is
causing it. However, the libhugetlbfs regression tests (make make
func) are triggering the following oops when calling mlock() and so are
likely related.
[ cut here ]
kernel BUG at arch/powerpc/mm/pgtable.c:243!
Oops: Exception in kernel mode, sig: 5 [#1]
SMP NR_CPUS=128 NUMA pSeries
Modules linked in: dm_snapshot dm_mirror dm_region_hash dm_log qla2xxx
loop nfnetlink iptable_filter iptable_nat nf_nat ip_tables
nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT
xt_tcpudp xt_limit ipt_LOG xt_pkttype x_tables
NIP: c002becc LR: c002c02c CTR:
REGS: c000ea92b4c0 TRAP: 0700 Not tainted (2.6.30-rc3-autokern1)
MSR: 80029032 EE,ME,CE,IR,DR CR: 28000484 XER: 2020
TASK = c395b660[7611] 'mlock' THREAD: c000ea928000 CPU: 3
GPR00: 0001 c000ea92b740 c08ea170 c000ec7d4980
GPR04: 3f00 c001e2278cf8 00190393 0001
GPR08: f2bc 0113 c001e2278c81
GPR12: 44000482 c093b880 28004422
GPR16: c000ea92bbf0 c09f06f0 00190113 c000ec7d4980
GPR20: f2bc 3f00 c001e2278cf8
GPR24: c000eaa90bb0 c000eaa90bb0 c000ea928000
GPR28: f2bc 00190393 0001 c001e2278cf8
NIP [c002becc] .assert_pte_locked+0x54/0x8c
LR [c002c02c] .ptep_set_access_flags+0x50/0x8c
Call Trace:
[c000ea92b740] [c000eaa90bb0] 0xc000eaa90bb0 (unreliable)
[c000ea92b7d0] [c00ed1b0] .hugetlb_cow+0xd4/0x654
[c000ea92b900] [c00edbf0] .hugetlb_fault+0x4c0/0x708
[c000ea92b9f0] [c00ee890] .follow_hugetlb_page+0x174/0x364
[c000ea92bae0] [c00d8d30] .__get_user_pages+0x288/0x4c0
[c000ea92bbb0] [c00da10c] .make_pages_present+0xa0/0xe0
[c000ea92bc40] [c00db758] .mlock_fixup+0x90/0x228
[c000ea92bd00] [c00dbb38] .do_mlock+0xc4/0x128
[c000ea92bda0] [c00dbccc] .SyS_mlock+0xb0/0xec
[c000ea92be30] [c000852c] syscall_exit+0x0/0x40
Instruction dump:
0b00 78892662 79291f24 7d69582a 7d600074 7800d182 0b00 78895e62
79291f24 7d29582a 7d200074 7800d182 0b00 3c004000 3960
780007c6
---[ end trace 36a7faa04fa9452b ]---
This corresponds to
#ifdef CONFIG_DEBUG_VM
void assert_pte_locked(struct mm_struct *mm, unsigned long addr)
{
pgd_t *pgd;
pud_t *pud;
pmd_t *pmd;
if (mm == init_mm)
return;
pgd = mm-pgd + pgd_index(addr);
BUG_ON(pgd_none(*pgd));
pud = pud_offset(pgd, addr);
BUG_ON(pud_none(*pud));
pmd = pmd_offset(pud, addr);
BUG_ON(!pmd_present(*pmd)); - THIS LINE
BUG_ON(!spin_is_locked(pte_lockptr(mm, pmd)));
}
#endif /* CONFIG_DEBUG_VM */
This area was last changed by commit 8d30c14cab30d405a05f2aaceda1e9ad57800f36
in the 2.6.30-rc1 timeframe. I think there was another hugepage-related
problem with this patch but I can't remember what it was.
It broke modules, but I don't remember anything hugepage related.
So the code changed from:
-#define ptep_set_access_flags(__vma, __address, __ptep, __entry, __dirty) \
-({\
- int __changed = !pte_same(*(__ptep), __entry); \
- if (__changed) { \
- __ptep_set_access_flags(__ptep, __entry, __dirty); \
- flush_tlb_page_nohash(__vma, __address); \
- } \
- __changed; \
-})
to:
+int ptep_set_access_flags(struct vm_area_struct *vma, unsigned long address,
+ pte_t *ptep, pte_t entry, int dirty)
+{
+ int changed;
+ if (!dirty pte_need_exec_flush(entry, 0))
+ entry = do_dcache_icache_coherency(entry);
+ changed = !pte_same(*(ptep), entry);
+ if (changed) {
+ assert_pte_locked(vma-vm_mm, address);
+ __ptep_set_access_flags(ptep, entry);
+ flush_tlb_page_nohash(vma, address);
+ }
+ return changed;
+}
So the call to assert_pte_locked() is new. And it's never going to work
for huge pages, the page table structure is different right? Notice
pte_update() checks (arch/powerpc/include/asm/pgtable-ppc64.h):
198
