Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp2054801imm; Thu, 24 May 2018 05:09:50 -0700 (PDT) X-Google-Smtp-Source: AB8JxZowr6wgIRmo+ZEezx+S9ggBs1l7ysxLV5P3gX1qQNJWf6NsZPqm8OIGDHebcZF2NxJEiM1T X-Received: by 2002:a62:cca:: with SMTP id 71-v6mr6970773pfm.61.1527163790898; Thu, 24 May 2018 05:09:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527163790; cv=none; d=google.com; s=arc-20160816; b=iIuEoBayimOiwDuXoVXIcbUO+WuuYsJrqv1trIzRjd7iBe7AbIj1ghI0KXtdTXhexi n8mZtqeo9gP7P9ytiZCgTfbkIDKrUb/IfF+z7UAMzgIPMOEnYKVRm6B90Wz7th+ZHFto yL/rg7CqPamFgPRjXM+rFHIr9Hy24GhLctcKae5ebnHjwM9dKcMLuDLEIeJF9j6xUjyF f7akByLpFgtNfMjeYN0GOIXbeJy9p9TH67U+ydBvGjOrK/ZvNQ+db1CttuVBpuRuiipm dvuyCCTcP9NFfokSznklUy8yT1I45+S+XWipdt8fA7zpn4aZs/SAxO1VEWECB9F4Zicr 6rDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=K8suFdM8Cut7r4HbawjIxLg/GU4h9iwFEDWQhriqIkk=; b=GAExXnriky/uUZ+9aonFZIbkI2VfbGlYfO7UiVND2PAcNitztEd4zwoaSfoa3SfpR4 YTebG6WLYGivNre2Rppq1n99QBNPK0NKbrN6mi8Bf+7RvBqRWVS2HJ96Q1fGmR0ijt9V rw4c+B9Cvi831TFhJNB7KtGkV8PbgdWWpBNq1KHIw31TkiV3HbN3dAtosPLvTYisov6R Efc8HV7uAXUx7Guy+KLXfJmUq3oREnvCdl730ttNYZcMHDvKs79HO+jnfajMG4IaMThK H8ApgkS7HdTJcB9V1l8p2YoY89QbJwnFAdzdg5NBcvY/HgE16s3pT46sgmEphIgvLTFd yE6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=REs4J37Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p2-v6si12153377pgn.187.2018.05.24.05.09.33; Thu, 24 May 2018 05:09:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=REs4J37Y; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S969589AbeEXMIt (ORCPT + 99 others); Thu, 24 May 2018 08:08:49 -0400 Received: from mail.kernel.org ([198.145.29.99]:54966 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S966019AbeEXJne (ORCPT ); Thu, 24 May 2018 05:43:34 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 525032087E; Thu, 24 May 2018 09:43:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1527155013; bh=ne2lsAHlX9QEbwmKKX5/UJ5iw5fpJHZMP3hhRvQfueI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=REs4J37YyWLhN2CWG0p9ZiDwDRyJ7dcfaqcqZVCQto+a25qtqC7g/Z93MtDc0TQyy Miq9w4qW+Drpdd+Myeiak3Q3gbsT1XMLzSKWHJ5ozp8dULJTwVXtduLv5xfovheQ0a vI1zPzs2tV7JaVYG1GzRzQFkqucoLwNETOgKSkGY= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Mel Gorman , "Peter Zijlstra (Intel)" , Linus Torvalds , Ben Hutchings Subject: [PATCH 4.4 24/92] futex: Remove unnecessary warning from get_futex_key Date: Thu, 24 May 2018 11:38:01 +0200 Message-Id: <20180524093201.292871511@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180524093159.286472249@linuxfoundation.org> References: <20180524093159.286472249@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.4-stable review patch. If anyone has any objections, please let me know. ------------------ From: Mel Gorman commit 48fb6f4db940e92cfb16cd878cddd59ea6120d06 upstream. Commit 65d8fc777f6d ("futex: Remove requirement for lock_page() in get_futex_key()") removed an unnecessary lock_page() with the side-effect that page->mapping needed to be treated very carefully. Two defensive warnings were added in case any assumption was missed and the first warning assumed a correct application would not alter a mapping backing a futex key. Since merging, it has not triggered for any unexpected case but Mark Rutland reported the following bug triggering due to the first warning. kernel BUG at kernel/futex.c:679! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Modules linked in: CPU: 0 PID: 3695 Comm: syz-executor1 Not tainted 4.13.0-rc3-00020-g307fec773ba3 #3 Hardware name: linux,dummy-virt (DT) task: ffff80001e271780 task.stack: ffff000010908000 PC is at get_futex_key+0x6a4/0xcf0 kernel/futex.c:679 LR is at get_futex_key+0x6a4/0xcf0 kernel/futex.c:679 pc : [] lr : [] pstate: 80000145 The fact that it's a bug instead of a warning was due to an unrelated arm64 problem, but the warning itself triggered because the underlying mapping changed. This is an application issue but from a kernel perspective it's a recoverable situation and the warning is unnecessary so this patch removes the warning. The warning may potentially be triggered with the following test program from Mark although it may be necessary to adjust NR_FUTEX_THREADS to be a value smaller than the number of CPUs in the system. #include #include #include #include #include #include #include #include #define NR_FUTEX_THREADS 16 pthread_t threads[NR_FUTEX_THREADS]; void *mem; #define MEM_PROT (PROT_READ | PROT_WRITE) #define MEM_SIZE 65536 static int futex_wrapper(int *uaddr, int op, int val, const struct timespec *timeout, int *uaddr2, int val3) { syscall(SYS_futex, uaddr, op, val, timeout, uaddr2, val3); } void *poll_futex(void *unused) { for (;;) { futex_wrapper(mem, FUTEX_CMP_REQUEUE_PI, 1, NULL, mem + 4, 1); } } int main(int argc, char *argv[]) { int i; mem = mmap(NULL, MEM_SIZE, MEM_PROT, MAP_SHARED | MAP_ANONYMOUS, -1, 0); printf("Mapping @ %p\n", mem); printf("Creating futex threads...\n"); for (i = 0; i < NR_FUTEX_THREADS; i++) pthread_create(&threads[i], NULL, poll_futex, NULL); printf("Flipping mapping...\n"); for (;;) { mmap(mem, MEM_SIZE, MEM_PROT, MAP_FIXED | MAP_SHARED | MAP_ANONYMOUS, -1, 0); } return 0; } Reported-and-tested-by: Mark Rutland Signed-off-by: Mel Gorman Acked-by: Peter Zijlstra (Intel) Cc: stable@vger.kernel.org # 4.7+ Signed-off-by: Linus Torvalds Cc: Ben Hutchings Signed-off-by: Greg Kroah-Hartman --- kernel/futex.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/kernel/futex.c +++ b/kernel/futex.c @@ -666,13 +666,14 @@ again: * this reference was taken by ihold under the page lock * pinning the inode in place so i_lock was unnecessary. The * only way for this check to fail is if the inode was - * truncated in parallel so warn for now if this happens. + * truncated in parallel which is almost certainly an + * application bug. In such a case, just retry. * * We are not calling into get_futex_key_refs() in file-backed * cases, therefore a successful atomic_inc return below will * guarantee that get_futex_key() will still imply smp_mb(); (B). */ - if (WARN_ON_ONCE(!atomic_inc_not_zero(&inode->i_count))) { + if (!atomic_inc_not_zero(&inode->i_count)) { rcu_read_unlock(); put_page(page_head);