Hi,
2.6.29-rc3 x86_64 guest on x86_64 RHEL5.3 host:
https://bugzilla.redhat.com/484295
kernel BUG at mm/filemap.c:123! invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC last sysfs file: /sys/devices/vbd-51712/block/xvda/xvda2/dev CPU 0 Modules linked in: ipv6 xts lrw gf128mul sha256_generic cbc dm_crypt dm_round_robin dm_multipath btrfs zlib_deflate libcrc32c xfs exportfs jfs reiserfs gfs2 msdos linear raid10 raid456 async_xor async_memcpy async_tx xor raid1 raid0 xen_netfront xen_blkfront iscsi_ibft iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ext2 ext4 jbd2 crc16 squashfs pcspkr nfs lockd nfs_acl auth_rpcgss sunrpc vfat fat cramfs Pid: 975, comm: sh Tainted: G B W 2.6.29-0.66.rc3.fc11.x86_64 #1 RIP: e030:[<ffffffff810a8b9e>] [<ffffffff810a8b9e>] __remove_from_page_cache+0x40/0xde RSP: e02b:ffff88007081f928 EFLAGS: 00010002 RAX: 000000000000000d RBX: ffffe20002e9b900 RCX: 0000000000000005 RDX: ffff88000000ac48 RSI: fffffffffffffff0 RDI: ffff880000009700 RBP: ffff88007081f938 R08: 0000000000000009 R09: ffff88007fc010c8 R10: ffffffff81087cc0 R11: ffff88007fa0b328 R12: ffff88007ba2d160 R13: 000000000000003a R14: 0000000000000002 R15: ffff88007081f9e8 FS: 00007f0a1576d6f0(0000) GS:ffffffff81934000(0000) knlGS:0000000000000000 CS: e033 DS: 0000 ES: 0000 CR0: 000000008005003b CR2: 00007f6308fd5580 CR3: 0000000001001000 CR4: 0000000000000660 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000000 Process sh (pid: 975, threadinfo ffff88007081e000, task ffff880070dda390) Stack: ffff88007ba2d178 ffffe20002e9b900 ffff88007081f958 ffffffff810a8c67 ffffe20002e9b900 000000000000003a ffff88007081f978 ffffffff810b0b27 0000000000000002 ffffe20002e9b900 ffff88007081fa78 ffffffff810b0c2b Call Trace: [<ffffffff810a8c67>] remove_from_page_cache+0x2b/0x38 [<ffffffff810b0b27>] truncate_complete_page+0x4c/0x61 [<ffffffff810b0c2b>] truncate_inode_pages_range+0xef/0x36e [<ffffffff810b0eb7>] truncate_inode_pages+0xd/0x12 [<ffffffff810f0937>] dispose_list+0x3b/0xf8 [<ffffffff810f0ce1>] invalidate_inodes+0xdc/0xfa [<ffffffff810e0dea>] generic_shutdown_super+0x4a/0xe8 [<ffffffff810e0eaa>] kill_block_super+0x22/0x3a [<ffffffff810e0f91>] deactivate_super+0x68/0x7d [<ffffffff810f3f6d>] mntput_no_expire+0x10d/0x14e [<ffffffff810dfd22>] __fput+0x18a/0x197 [<ffffffff810dfd47>] fput+0x18/0x1a [<ffffffff810c0ae1>] remove_vma+0x4f/0x85 [<ffffffff810c0c32>] exit_mmap+0x11b/0x13d [<ffffffff8104800f>] mmput+0x45/0xa4 [<ffffffff8104bf97>] exit_mm+0x114/0x120 [<ffffffff8104dc12>] do_exit+0x1da/0x8b4 [<ffffffff8106ef5b>] ? lock_acquired+0x29e/0x2ae [<ffffffff81057ef5>] ? get_signal_to_deliver+0x61/0x2b8 [<ffffffff8104e36b>] do_group_exit+0x7f/0xaf [<ffffffff81383349>] ? _spin_unlock_irq+0x32/0x37 [<ffffffff8105812e>] get_signal_to_deliver+0x29a/0x2b8 [<ffffffff81010498>] do_notify_resume+0x90/0x8a4 [<ffffffff8138338e>] ? _spin_unlock_irqrestore+0x40/0x57 [<ffffffff8106c6a7>] ? trace_hardirqs_off_caller+0x1f/0xac [<ffffffff81383395>] ? _spin_unlock_irqrestore+0x47/0x57 [<ffffffff8106d609>] ? trace_hardirqs_on_caller+0x1f/0x153 [<ffffffff81209bc7>] ? tty_ldisc_deref+0x69/0x6e [<ffffffff81202b5c>] ? tty_read+0x87/0xba [<ffffffff81011381>] ? sysret_signal+0x5/0x109 [<ffffffff8106d609>] ? trace_hardirqs_on_caller+0x1f/0x153 [<ffffffff81011417>] sysret_signal+0x9b/0x109 Code: 24 08 e8 3a ad 0e 00 48 c7 43 18 00 00 00 00 49 ff 8c 24 c8 00 00 00 be 09 00 00 00 48 89 df e8 e9 f3 00 00 8b 43 0c 85 c0 78 04 <0f> 0b eb fe 48 89 df e8 b7 35 03 00 f6 03 10 0f 84 84 00 00 00 RIP [<ffffffff810a8b9e>] __remove_from_page_cache+0x40/0xde RSP <ffff88007081f928>
Cheers, Mark.
Mark McLoughlin wrote:
Hi,
2.6.29-rc3 x86_64 guest on x86_64 RHEL5.3 host:
https://bugzilla.redhat.com/484295
kernel BUG at mm/filemap.c:123! invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC
This will fix it. I hope.
J
Subject: x86: don't apply __supported_pte_mask to non-present ptes
__supported_pte_mask contains the set of flags we support on the current hardware. We also use bits in the pte for things like logically present ptes with no permissions, and swap entries for swapped out pages. We should only apply __supported_pte_mask to present ptes, because otherwise we may destroy other information being stored in the ptes.
Signed-off-by: Jeremy Fitzhardinge jeremy.fitzhardinge@citrix.com --- arch/x86/include/asm/pgtable.h | 26 ++++++++++++++++++++------ arch/x86/include/asm/xen/page.h | 2 +- 2 files changed, 21 insertions(+), 7 deletions(-)
=================================================================== --- a/arch/x86/include/asm/pgtable.h +++ b/arch/x86/include/asm/pgtable.h @@ -316,16 +316,30 @@
extern pteval_t __supported_pte_mask;
+/* + * Mask out unsupported bits in a present pgprot. Non-present pgprots + * can use those bits for other purposes, so leave them be. + */ +static inline pgprotval_t massage_pgprot(pgprot_t pgprot) +{ + pgprotval_t protval = pgprot_val(pgprot); + + if (protval & _PAGE_PRESENT) + protval &= __supported_pte_mask; + + return protval; +} + static inline pte_t pfn_pte(unsigned long page_nr, pgprot_t pgprot) { - return __pte((((phys_addr_t)page_nr << PAGE_SHIFT) | - pgprot_val(pgprot)) & __supported_pte_mask); + return __pte(((phys_addr_t)page_nr << PAGE_SHIFT) | + massage_pgprot(pgprot)); }
static inline pmd_t pfn_pmd(unsigned long page_nr, pgprot_t pgprot) { - return __pmd((((phys_addr_t)page_nr << PAGE_SHIFT) | - pgprot_val(pgprot)) & __supported_pte_mask); + return __pmd(((phys_addr_t)page_nr << PAGE_SHIFT) | + massage_pgprot(pgprot)); }
static inline pte_t pte_modify(pte_t pte, pgprot_t newprot) @@ -337,7 +351,7 @@ * the newprot (if present): */ val &= _PAGE_CHG_MASK; - val |= pgprot_val(newprot) & (~_PAGE_CHG_MASK) & __supported_pte_mask; + val |= massage_pgprot(newprot) & ~_PAGE_CHG_MASK;
return __pte(val); } @@ -353,7 +367,7 @@
#define pte_pgprot(x) __pgprot(pte_flags(x) & PTE_FLAGS_MASK)
-#define canon_pgprot(p) __pgprot(pgprot_val(p) & __supported_pte_mask) +#define canon_pgprot(p) __pgprot(massage_pgprot(p))
static inline int is_new_memtype_allowed(unsigned long flags, unsigned long new_flags) =================================================================== --- a/arch/x86/include/asm/xen/page.h +++ b/arch/x86/include/asm/xen/page.h @@ -137,7 +137,7 @@ pte_t pte;
pte.pte = ((phys_addr_t)page_nr << PAGE_SHIFT) | - (pgprot_val(pgprot) & __supported_pte_mask); + massage_pgprot(pgprot);
return pte; }