Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp428495ybz; Wed, 29 Apr 2020 02:50:56 -0700 (PDT) X-Google-Smtp-Source: APiQypJ7Dsn97uh/xbxVeNdAO8CADW9FyDOusJL+e5hoPA8YzfusixDkycp4imOcSgaPBXI7RadH X-Received: by 2002:a17:906:f288:: with SMTP id gu8mr1836485ejb.281.1588153856001; Wed, 29 Apr 2020 02:50:56 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1588153855; cv=none; d=google.com; s=arc-20160816; b=DeUUZkFvN1VZL/fMl+hkCNfnni44seSM72aMpmnihytLPBBgZ3iqJy8Eed7S8q9bxn F/AopsmjmmsT9TBsyr+6ovEClJGHjCpqyqa2bXBggesZnEPsk54srS+8vE6FvRwu5i6c 9DzggXJUB5W2pDQxNp3rGx/kb6XwdN1WA7Vzt8z0hj6LmE9GrnQ6H3Wo7pkp4boOP7Xb wtTBZWTjpoKHRW7DOAOLlEAnx/Kt5z+GTD3Lphrq6IE4FEN7rniX/Bq0Zk+x5z6beOnt kl8dAvKuHgzhEXn41TnxH0/QP9ITQJ/mi1ZrmBxUKZ4EYJxMnu4JslOW5aAQdP9YmkM9 WrjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:subject:cc:to:from:date; bh=vw9X5595rpKtQN+0LcRfMQzOZXR+lcpmSf4CN14LLHY=; b=CwbiRVFGk1TiTrzrkoS+ePWLMV0/2yDbBt7SqRl1okUb+5keCD+CoNYuqhos+ejSwo wxFmQQg986Ok2o5s/05u80eMGueIdJPQrjuu87x19qyA5/pRx3/4+wyeQKV8SLo3JpcQ WI8IrVYoSfdRyLJDivZl369XCauVZvKFv6TYDRv4N3lKOkuUmqS4+MD/8FI7W+98xHhu VA0tR82QhSySptnb31Mllsv1S2j1u2HsO6t23P917h+3TDGGNgAUIBYapceTQfvChHNp WGUJqxbxz77wT0NRsT5rT98zs6fBDJtkOIWnSiWizqpg1SQoy7hoSRCgitCR0hCHvBL6 1Dyw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h4si3109989edv.521.2020.04.29.02.50.32; Wed, 29 Apr 2020 02:50:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726535AbgD2JtB (ORCPT + 99 others); Wed, 29 Apr 2020 05:49:01 -0400 Received: from mail.kernel.org ([198.145.29.99]:53896 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726345AbgD2JtA (ORCPT ); Wed, 29 Apr 2020 05:49:00 -0400 Received: from oasis.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 410BA20775; Wed, 29 Apr 2020 09:48:59 +0000 (UTC) Date: Wed, 29 Apr 2020 05:48:57 -0400 From: Steven Rostedt To: LKML Cc: Joerg Roedel , Ingo Molnar , Thomas Gleixner , Peter Zijlstra , Borislav Petkov , Andrew Morton , Shile Zhang , Andy Lutomirski , "Rafael J. Wysocki" , Dave Hansen , Tzvetomir Stoyanov Subject: [RFC][PATCH] x86/mm: Sync all vmalloc mappings before text_poke() Message-ID: <20200429054857.66e8e333@oasis.local.home> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Steven Rostedt (VMware) Tzvetomir was adding a feature to trace-cmd that would allow the user to specify filtering on process IDs within a tracing instance (or buffer). When he added this feature and tested it on tracing PIDs 1 and 2, it caused his kernel to hang. He sent me his code and I was able to reproduce the hang as well. I bisected it down to this commit 763802b53a42 ("x86/mm: split vmalloc_sync_all()"). It was 100% reproducible. With the commit it would hang, and reverting the commit, it would work. Adding a bunch of printk()s, I found where it locked up. It was after the recording was finished, and a write of "0" to tracefs/instance/foo/events/enable. And in the code, it was: (you may skip to the end of the chain) system_enable_write() { __ftrace_set_clr_event() { __ftrace_set_clr_event_nolock() { ftrace_event_enable_disable() { __ftrace_event_enable_disable() { call->class->reg() { trace_point_probe_unregister() { tracepoint_remove_func() { static_key_slow_dec() { __static_key_slow_dec() { __static_key_slow_dec_cpus_locked() { jump_label_update() { __jump_label_update() arch_jump_label_transform() { jump_label_transform() { __jump_label_transform() { text_poke_bp() { text_poke_bp_batch() { text_poke() { __text_poke() { (This is where you want to see) use_temporary_mm() { switch_mm_irqs_off() { load_new_mm_cr3() { write_cr3() <<--- Lock up! The really strange part about this, is that this only crashes if we filter the PIDs on an instance (and via trace-cmd, which does some initial clean ups). But it works fine when doing from the top level tracing buffer, or by doing this manually. I'm not sure how vmalloc gets involved with this. Anyway, I tried the following patch, and it fixes the lockup for both myself and Tzvetomir. But since I'm not 100% sure what broke, I'm sending this out as an RFC. Fixes: 763802b53a42 ("x86/mm: split vmalloc_sync_all()") Reported-by: Tzvetomir Stoyanov (VMware) Signed-off-by: Steven Rostedt (VMware) --- diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c index 7867dfb3963e..015dd30a2260 100644 --- a/arch/x86/kernel/alternative.c +++ b/arch/x86/kernel/alternative.c @@ -802,6 +802,8 @@ static void *__text_poke(void *addr, const void *opcode, size_t len) */ BUG_ON(!after_bootmem); + vmalloc_sync_mappings(); + if (!core_kernel_text((unsigned long)addr)) { pages[0] = vmalloc_to_page(addr); if (cross_page_boundary)