From: Shan Hai <haishan.bai@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: tony.luck@intel.com, Peter Zijlstra <a.p.zijlstra@chello.nl>,
Peter Zijlstra <peterz@infradead.org>,
linux-kernel@vger.kernel.org, cmetcalf@tilera.com,
dhowells@redhat.com, paulus@samba.org, tglx@linutronix.de,
walken@google.com, linuxppc-dev@lists.ozlabs.org
Subject: Re: [RFC/PATCH] mm/futex: Fix futex writes on archs with SW tracking of dirty & young
Date: Fri, 22 Jul 2011 09:54:39 +0800 [thread overview]
Message-ID: <4E28D85F.5000009@gmail.com> (raw)
In-Reply-To: <20110721155938.2ff2dab5.akpm@linux-foundation.org>
On 07/22/2011 06:59 AM, Andrew Morton wrote:
> On Fri, 22 Jul 2011 08:52:06 +1000
> Benjamin Herrenschmidt<benh@kernel.crashing.org> wrote:
>
>> On Thu, 2011-07-21 at 15:36 -0700, Andrew Morton wrote:
>>> On Tue, 19 Jul 2011 14:29:22 +1000
>>> Benjamin Herrenschmidt<benh@kernel.crashing.org> wrote:
>>>
>>>> The futex code currently attempts to write to user memory within
>>>> a pagefault disabled section, and if that fails, tries to fix it
>>>> up using get_user_pages().
>>>>
>>>> This doesn't work on archs where the dirty and young bits are
>>>> maintained by software, since they will gate access permission
>>>> in the TLB, and will not be updated by gup().
>>>>
>>>> In addition, there's an expectation on some archs that a
>>>> spurious write fault triggers a local TLB flush, and that is
>>>> missing from the picture as well.
>>>>
>>>> I decided that adding those "features" to gup() would be too much
>>>> for this already too complex function, and instead added a new
>>>> simpler fixup_user_fault() which is essentially a wrapper around
>>>> handle_mm_fault() which the futex code can call.
>>>>
>>>> Signed-off-by: Benjamin Herrenschmidt<benh@kernel.crashing.org>
>>>> ---
>>>>
>>>> Shan, can you test this ? It might not fix the problem
>>> um, what problem. There's no description here of the user-visible
>>> effects of the bug hence it's hard to work out what kernel version(s)
>>> should receive this patch.
>> Shan could give you an actual example (it was in the previous thread),
>> but basically, livelock as the kernel keeps trying and trying the
>> in_atomic op and never resolves it.
>>
>>> What kernel version(s) should receive this patch?
>> I haven't dug. Probably anything it applies on as far as we did that
>> trick of atomic + gup() for futex.
> You're not understanding me.
>
> I need a good reason to merge this into 3.0.
>
> The -stable maintainers need even better reasons to merge this into
> earlier kernels.
>
> Please provide those reasons!
>
Summary:
- Encountered a 100% CPU system usage problem on pthread_mutex allocated
in a
shared memory region, and the problem occurs only on setting
PRIORITY_INHERITANCE
to the pthread_mutex.
- ftrace result reveals that an infinite loop in the futex_lock_pi
caused high CPU usage.
- The powerpc e500 was affected but the x86 was not.
I have not tested on other archs so I am not sure whether the other
archs are attacked
by the problem.
- Tested it on 2.6.34 and 3.0-rc7, both are affected, earlier versions
might be affected.
Please refer the threads "[PATCH 0/1] Fixup write permission of TLB on
powerpc e500 core"
and "[PATCH 1/1] Fixup write permission of TLB on powerpc e500 core" for
the whole story.
Provided the test case code in the [PATH 0/1].
Thanks
Shan Hai
> (Documentation/stable_kernel_rules.txt, 4th bullet)
>
> (And it's not just me and -stable maintainers. Distro maintainers will
> also look at this patch and wonder whether they should merge it)
WARNING: multiple messages have this Message-ID (diff)
From: Shan Hai <haishan.bai@gmail.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Peter Zijlstra <peterz@infradead.org>,
Peter Zijlstra <a.p.zijlstra@chello.nl>,
paulus@samba.org, tglx@linutronix.de, walken@google.com,
dhowells@redhat.com, cmetcalf@tilera.com, tony.luck@intel.com,
linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC/PATCH] mm/futex: Fix futex writes on archs with SW tracking of dirty & young
Date: Fri, 22 Jul 2011 09:54:39 +0800 [thread overview]
Message-ID: <4E28D85F.5000009@gmail.com> (raw)
In-Reply-To: <20110721155938.2ff2dab5.akpm@linux-foundation.org>
On 07/22/2011 06:59 AM, Andrew Morton wrote:
> On Fri, 22 Jul 2011 08:52:06 +1000
> Benjamin Herrenschmidt<benh@kernel.crashing.org> wrote:
>
>> On Thu, 2011-07-21 at 15:36 -0700, Andrew Morton wrote:
>>> On Tue, 19 Jul 2011 14:29:22 +1000
>>> Benjamin Herrenschmidt<benh@kernel.crashing.org> wrote:
>>>
>>>> The futex code currently attempts to write to user memory within
>>>> a pagefault disabled section, and if that fails, tries to fix it
>>>> up using get_user_pages().
>>>>
>>>> This doesn't work on archs where the dirty and young bits are
>>>> maintained by software, since they will gate access permission
>>>> in the TLB, and will not be updated by gup().
>>>>
>>>> In addition, there's an expectation on some archs that a
>>>> spurious write fault triggers a local TLB flush, and that is
>>>> missing from the picture as well.
>>>>
>>>> I decided that adding those "features" to gup() would be too much
>>>> for this already too complex function, and instead added a new
>>>> simpler fixup_user_fault() which is essentially a wrapper around
>>>> handle_mm_fault() which the futex code can call.
>>>>
>>>> Signed-off-by: Benjamin Herrenschmidt<benh@kernel.crashing.org>
>>>> ---
>>>>
>>>> Shan, can you test this ? It might not fix the problem
>>> um, what problem. There's no description here of the user-visible
>>> effects of the bug hence it's hard to work out what kernel version(s)
>>> should receive this patch.
>> Shan could give you an actual example (it was in the previous thread),
>> but basically, livelock as the kernel keeps trying and trying the
>> in_atomic op and never resolves it.
>>
>>> What kernel version(s) should receive this patch?
>> I haven't dug. Probably anything it applies on as far as we did that
>> trick of atomic + gup() for futex.
> You're not understanding me.
>
> I need a good reason to merge this into 3.0.
>
> The -stable maintainers need even better reasons to merge this into
> earlier kernels.
>
> Please provide those reasons!
>
Summary:
- Encountered a 100% CPU system usage problem on pthread_mutex allocated
in a
shared memory region, and the problem occurs only on setting
PRIORITY_INHERITANCE
to the pthread_mutex.
- ftrace result reveals that an infinite loop in the futex_lock_pi
caused high CPU usage.
- The powerpc e500 was affected but the x86 was not.
I have not tested on other archs so I am not sure whether the other
archs are attacked
by the problem.
- Tested it on 2.6.34 and 3.0-rc7, both are affected, earlier versions
might be affected.
Please refer the threads "[PATCH 0/1] Fixup write permission of TLB on
powerpc e500 core"
and "[PATCH 1/1] Fixup write permission of TLB on powerpc e500 core" for
the whole story.
Provided the test case code in the [PATH 0/1].
Thanks
Shan Hai
> (Documentation/stable_kernel_rules.txt, 4th bullet)
>
> (And it's not just me and -stable maintainers. Distro maintainers will
> also look at this patch and wonder whether they should merge it)
next prev parent reply other threads:[~2011-07-22 1:56 UTC|newest]
Thread overview: 138+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-15 8:07 [PATCH 0/1] Fixup write permission of TLB on powerpc e500 core Shan Hai
2011-07-15 8:07 ` Shan Hai
2011-07-15 8:07 ` [PATCH 1/1] " Shan Hai
2011-07-15 8:07 ` Shan Hai
2011-07-15 10:23 ` Peter Zijlstra
2011-07-15 10:23 ` Peter Zijlstra
2011-07-15 15:18 ` Shan Hai
2011-07-15 15:18 ` Shan Hai
2011-07-15 15:24 ` Peter Zijlstra
2011-07-15 15:24 ` Peter Zijlstra
2011-07-16 15:36 ` Shan Hai
2011-07-16 15:36 ` Shan Hai
2011-07-16 14:50 ` Shan Hai
2011-07-16 14:50 ` Shan Hai
2011-07-16 23:49 ` Benjamin Herrenschmidt
2011-07-16 23:49 ` Benjamin Herrenschmidt
2011-07-17 9:38 ` Peter Zijlstra
2011-07-17 9:38 ` Peter Zijlstra
2011-07-17 14:29 ` Benjamin Herrenschmidt
2011-07-17 14:29 ` Benjamin Herrenschmidt
2011-07-17 23:14 ` Benjamin Herrenschmidt
2011-07-17 23:14 ` Benjamin Herrenschmidt
2011-07-18 3:53 ` Benjamin Herrenschmidt
2011-07-18 3:53 ` Benjamin Herrenschmidt
2011-07-18 4:02 ` Benjamin Herrenschmidt
2011-07-18 4:02 ` Benjamin Herrenschmidt
2011-07-18 4:01 ` Benjamin Herrenschmidt
2011-07-18 4:01 ` Benjamin Herrenschmidt
2011-07-18 6:48 ` Shan Hai
2011-07-18 6:48 ` Shan Hai
2011-07-18 7:01 ` Benjamin Herrenschmidt
2011-07-18 7:01 ` Benjamin Herrenschmidt
2011-07-18 7:26 ` Shan Hai
2011-07-18 7:26 ` Shan Hai
2011-07-18 7:36 ` Benjamin Herrenschmidt
2011-07-18 7:36 ` Benjamin Herrenschmidt
2011-07-18 7:50 ` Shan Hai
2011-07-18 7:50 ` Shan Hai
2011-07-19 3:30 ` Shan Hai
2011-07-19 3:30 ` Shan Hai
2011-07-19 4:20 ` Benjamin Herrenschmidt
2011-07-19 4:20 ` Benjamin Herrenschmidt
2011-07-19 4:29 ` [RFC/PATCH] mm/futex: Fix futex writes on archs with SW tracking of dirty & young Benjamin Herrenschmidt
2011-07-19 4:29 ` Benjamin Herrenschmidt
2011-07-19 4:55 ` Shan Hai
2011-07-19 4:55 ` Shan Hai
2011-07-19 5:17 ` Shan Hai
2011-07-19 5:17 ` Shan Hai
2011-07-19 5:24 ` Benjamin Herrenschmidt
2011-07-19 5:24 ` Benjamin Herrenschmidt
2011-07-19 5:38 ` Shan Hai
2011-07-19 5:38 ` Shan Hai
2011-07-19 7:46 ` Benjamin Herrenschmidt
2011-07-19 7:46 ` Benjamin Herrenschmidt
2011-07-19 8:24 ` Shan Hai
2011-07-19 8:24 ` Shan Hai
2011-07-19 8:26 ` [RFC/PATCH] mm/futex: Fix futex writes on archs with SW trackingof " David Laight
2011-07-19 8:26 ` David Laight
2011-07-19 8:45 ` Benjamin Herrenschmidt
2011-07-19 8:45 ` Benjamin Herrenschmidt
2011-07-19 8:45 ` Shan Hai
2011-07-19 8:45 ` Shan Hai
2011-07-19 11:10 ` [RFC/PATCH] mm/futex: Fix futex writes on archs with SW tracking of " Peter Zijlstra
2011-07-19 11:10 ` Peter Zijlstra
2011-07-20 14:39 ` Darren Hart
2011-07-20 14:39 ` Darren Hart
2011-07-21 22:36 ` Andrew Morton
2011-07-21 22:36 ` Andrew Morton
2011-07-21 22:52 ` Benjamin Herrenschmidt
2011-07-21 22:52 ` Benjamin Herrenschmidt
2011-07-21 22:57 ` Benjamin Herrenschmidt
2011-07-21 22:57 ` Benjamin Herrenschmidt
2011-07-21 22:59 ` Andrew Morton
2011-07-21 22:59 ` Andrew Morton
2011-07-22 1:40 ` Benjamin Herrenschmidt
2011-07-22 1:40 ` Benjamin Herrenschmidt
2011-07-22 1:54 ` Shan Hai [this message]
2011-07-22 1:54 ` Shan Hai
2011-07-27 6:50 ` Mike Frysinger
2011-07-27 6:50 ` Mike Frysinger
2011-07-27 7:58 ` Benjamin Herrenschmidt
2011-07-27 7:58 ` Benjamin Herrenschmidt
2011-07-27 8:59 ` Peter Zijlstra
2011-07-27 8:59 ` Peter Zijlstra
2011-07-27 10:09 ` David Howells
2011-07-27 10:09 ` David Howells
2011-07-27 10:17 ` Peter Zijlstra
2011-07-27 10:17 ` Peter Zijlstra
2011-07-27 10:20 ` Benjamin Herrenschmidt
2011-07-27 10:20 ` Benjamin Herrenschmidt
2011-07-28 0:12 ` Mike Frysinger
2011-07-28 0:12 ` Mike Frysinger
2011-07-28 10:55 ` David Howells
2011-07-28 10:55 ` David Howells
2011-08-08 2:31 ` Mike Frysinger
2011-08-08 2:31 ` Mike Frysinger
2011-07-17 11:02 ` [PATCH 1/1] Fixup write permission of TLB on powerpc e500 core Peter Zijlstra
2011-07-17 11:02 ` Peter Zijlstra
2011-07-17 13:33 ` Shan Hai
2011-07-17 13:33 ` Shan Hai
2011-07-17 14:48 ` Benjamin Herrenschmidt
2011-07-17 14:48 ` Benjamin Herrenschmidt
2011-07-17 15:40 ` Shan Hai
2011-07-17 15:40 ` Shan Hai
2011-07-17 22:34 ` Benjamin Herrenschmidt
2011-07-17 22:34 ` Benjamin Herrenschmidt
2011-07-17 14:34 ` Benjamin Herrenschmidt
2011-07-17 14:34 ` Benjamin Herrenschmidt
2011-07-15 8:20 ` [PATCH 0/1] " Peter Zijlstra
2011-07-15 8:20 ` Peter Zijlstra
2011-07-15 8:38 ` MailingLists
2011-07-15 8:38 ` MailingLists
2011-07-15 8:44 ` Peter Zijlstra
2011-07-15 8:44 ` Peter Zijlstra
2011-07-15 9:08 ` Shan Hai
2011-07-15 9:08 ` Shan Hai
2011-07-15 9:12 ` Benjamin Herrenschmidt
2011-07-15 9:12 ` Benjamin Herrenschmidt
2011-07-15 9:50 ` Peter Zijlstra
2011-07-15 9:50 ` Peter Zijlstra
2011-07-15 10:06 ` Shan Hai
2011-07-15 10:06 ` Shan Hai
2011-07-15 10:32 ` David Laight
2011-07-15 10:32 ` David Laight
2011-07-15 10:39 ` Peter Zijlstra
2011-07-15 10:39 ` Peter Zijlstra
2011-07-15 15:32 ` Shan Hai
2011-07-15 15:32 ` Shan Hai
2011-07-16 0:20 ` Benjamin Herrenschmidt
2011-07-16 0:20 ` Benjamin Herrenschmidt
2011-07-16 15:03 ` Shan Hai
2011-07-16 15:03 ` Shan Hai
2011-07-15 23:47 ` Benjamin Herrenschmidt
2011-07-15 23:47 ` Benjamin Herrenschmidt
2011-07-15 9:07 ` Benjamin Herrenschmidt
2011-07-15 9:07 ` Benjamin Herrenschmidt
2011-07-15 9:05 ` Benjamin Herrenschmidt
2011-07-15 9:05 ` Benjamin Herrenschmidt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E28D85F.5000009@gmail.com \
--to=haishan.bai@gmail.com \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=cmetcalf@tilera.com \
--cc=dhowells@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=paulus@samba.org \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=tony.luck@intel.com \
--cc=walken@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.