Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1928331ybz;
        Thu, 30 Apr 2020 07:55:54 -0700 (PDT)
X-Google-Smtp-Source: APiQypLfvCXMRLrQxx9BMR86pC1Aw/ZIM1Kxk5csw0m4nv3LqtegjTIKJGf+IQpc8b8Lyn4Ekx/4
X-Received: by 2002:a17:906:328f:: with SMTP id 15mr3184127ejw.33.1588258554316;
        Thu, 30 Apr 2020 07:55:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1588258554; cv=none;
        d=google.com; s=arc-20160816;
        b=XtC6xlVWnFH+pEOZUtVT1eqsikMBDssVPXRCfhr1gd0xD3xfet/kk4tvZxbpSN2lLD
         4Xp1CMGmiqUcHwGfbrxzbDleYlU5C1foUqAWQQeZExcc962yzCeJMsOI5yIpsbUT2eNP
         +YH3VLrQ6GvHojtqyWLRPIeG7Xw9B2+NnxcDnM24gkqWHnnGBShoJaFiuV0qrLnfefIM
         4qRuRibo29f2IYAvHdJbucyvc3rafLfmA+a5UIBBWLwQWQCM+h3l3aSktfniEK6qoy+m
         AjnBmuWvttM3OrDDt1Zzkao4ryvPmeGarlV9KtTb3iEVP76Lii0wqPJjvJFOgdqkHq0c
         juFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=SDjjYOl2hAPtXADXWNSODFRcgv5TEmiMl3nBMjD50Y0=;
        b=UEuhpwQqiWbcEzT1eQk4IHk5aajWuW6VR46FP0ohsAby/nN8SjWphU7xjXPEiS5Ch0
         jtZqVqnchJO/82kgP+aLABoa6rFTuGAp89QACdokGUTmPd4QPcIi5fQo3tnW415QTQ8X
         bDoPwDwcfQCDVFV8IQuZ5HMJRJTkCO26RKDyCY4Vt0KFB87twVczTH6gZs+pQRC68r11
         A07XMpbBe4ea/eYWrUPtKwfVhzu9K7l6agpPU0mW9wAQBupDBqGFtdYJCTCp6GVHne8S
         H+9B7sxvcRwzLfFD6YK6fXl815KM+2wgMFQdpqBe/KW5yIcS1wXCGMR9GnpE3HLUbHQn
         WASw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id o20si5510386eja.517.2020.04.30.07.55.05;
        Thu, 30 Apr 2020 07:55:54 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726827AbgD3OvC (ORCPT <rfc822;krseo358@gmail.com> + 99 others);
        Thu, 30 Apr 2020 10:51:02 -0400
Received: from mx2.suse.de ([195.135.220.15]:59788 "EHLO mx2.suse.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726357AbgD3OvC (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 30 Apr 2020 10:51:02 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.220.254])
        by mx2.suse.de (Postfix) with ESMTP id 5F409AC69;
        Thu, 30 Apr 2020 14:50:59 +0000 (UTC)
Date:   Thu, 30 Apr 2020 16:50:57 +0200
From:   Joerg Roedel <jroedel@suse.de>
To:     Steven Rostedt <rostedt@goodmis.org>
Cc:     LKML <linux-kernel@vger.kernel.org>,
        Ingo Molnar <mingo@kernel.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>,
        Andrew Morton <akpm@linux-foundation.org>,
        Shile Zhang <shile.zhang@linux.alibaba.com>,
        Andy Lutomirski <luto@amacapital.net>,
        "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
        Dave Hansen <dave.hansen@linux.intel.com>,
        Tzvetomir Stoyanov <tz.stoyanov@gmail.com>,
        Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Subject: Re: [RFC][PATCH] x86/mm: Sync all vmalloc mappings before text_poke()
Message-ID: <20200430145057.GB8135@suse.de>
References: <20200429054857.66e8e333@oasis.local.home>
 <20200429105941.GQ30814@suse.de>
 <20200429082854.6e1796b5@oasis.local.home>
 <20200429100731.201312a9@gandalf.local.home>
 <20200430141120.GA8135@suse.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20200430141120.GA8135@suse.de>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Apr 30, 2020 at 04:11:20PM +0200, Joerg Roedel wrote:
> The page-fault handler calls a tracing function which again ends up in
> trace_event_ignore_this_pid(), where it faults again. From here on the CPU is in
> a page-fault loop, which continues until the stack overflows (with
> CONFIG_VMAP_STACK).

Did some more testing to find out what this issue has to do with

	763802b53a42 x86/mm: split vmalloc_sync_all()

Above commit removes a call to vmalloc_sync_all() from the vmalloc
unmapping path, because that call caused severe performance regressions
on some workloads and was not needed on x86-64 anyway.

But that call caused vmalloc_sync_all() to be called regularily on
x86-64 machines, so that all page-tables were more likely to be in sync.

The call was introduced by commit

	3f8fd02b1bf1 mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()

to fix a correctness issue on x86-32 PAE systems, which also need
unmappings of large pages in the vmalloc area to be synchronized.

This additional call to vmalloc_sync_all() did hide the problem. I
verified it by reverting both of the above commits on v5.7-rc3 and
testing on that kernel. The problem is reproducible there too, the box
hangs hard.

So the underlying problem is that a vmalloc()'ed tracing buffer is used
to trace the page-fault handler, so that it has no chance of faulting in
the buffer address to poking_mm and maybe other PGDs.

The right fix is to call vmalloc_sync_mappings() right after allocating
tracing or perf buffers via v[zm]alloc().

Regards,

	Joerg