mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
3109d5ff48
With ltp test case "testcases/bin/hugefork02", there is a dmesg error
report message such as:
kernel BUG at mm/hugetlb.c:5550!
Oops - BUG[#1]:
CPU: 0 UID: 0 PID: 1517 Comm: hugefork02 Not tainted 6.14.0-rc2+ #241
Hardware name: QEMU QEMU Virtual Machine, BIOS unknown 2/2/2022
pc 90000000004eaf1c ra 9000000000485538 tp 900000010edbc000 sp 900000010edbf940
a0 900000010edbfb00 a1 9000000108d20280 a2 00007fffe9474000 a3 00007ffff3474000
a4 0000000000000000 a5 0000000000000003 a6 00000000003cadd3 a7 0000000000000000
t0 0000000001ffffff t1 0000000001474000 t2 900000010ecd7900 t3 00007fffe9474000
t4 00007fffe9474000 t5 0000000000000040 t6 900000010edbfb00 t7 0000000000000001
t8 0000000000000005 u0 90000000004849d0 s9 900000010edbfa00 s0 9000000108d20280
s1 00007fffe9474000 s2 0000000002000000 s3 9000000108d20280 s4 9000000002b38b10
s5 900000010edbfb00 s6 00007ffff3474000 s7 0000000000000406 s8 900000010edbfa08
ra: 9000000000485538 unmap_vmas+0x130/0x218
ERA: 90000000004eaf1c __unmap_hugepage_range+0x6f4/0x7d0
PRMD: 00000004 (PPLV0 +PIE -PWE)
EUEN: 00000007 (+FPE +SXE +ASXE -BTE)
ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)
ESTAT: 000c0000 [BRK] (IS= ECode=12 EsubCode=0)
PRID: 0014c010 (Loongson-64bit, Loongson-3A5000)
Process hugefork02 (pid: 1517, threadinfo=00000000a670eaf4, task=000000007a95fc64)
Call Trace:
[<90000000004eaf1c>] __unmap_hugepage_range+0x6f4/0x7d0
[<9000000000485534>] unmap_vmas+0x12c/0x218
[<9000000000494068>] exit_mmap+0xe0/0x308
[<900000000025fdc4>] mmput+0x74/0x180
[<900000000026a284>] do_exit+0x294/0x898
[<900000000026aa30>] do_group_exit+0x30/0x98
[<900000000027bed4>] get_signal+0x83c/0x868
[<90000000002457b4>] arch_do_signal_or_restart+0x54/0xfa0
[<90000000015795e8>] irqentry_exit_to_user_mode+0xb8/0x138
[<90000000002572d0>] tlb_do_page_fault_1+0x114/0x1b4
The problem is that base address allocated from hugetlbfs is not aligned
with pmd size. Here add a checking for hugetlbfs and align base address
with pmd size. After this patch the test case "testcases/bin/hugefork02"
passes to run.
This is similar to the commit 7f24cbc9c4 ("mm/mmap: teach
generic_get_unmapped_area{_topdown} to handle hugetlb mappings").
Cc: stable@vger.kernel.org # 6.13+
Signed-off-by: Bibo Mao <maobibo@loongson.cn>
Signed-off-by: Huacai Chen <chenhuacai@loongson.cn>
154 lines
4.2 KiB
C
154 lines
4.2 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* Copyright (C) 2020-2022 Loongson Technology Corporation Limited
|
|
*/
|
|
#include <linux/export.h>
|
|
#include <linux/hugetlb.h>
|
|
#include <linux/io.h>
|
|
#include <linux/kfence.h>
|
|
#include <linux/memblock.h>
|
|
#include <linux/mm.h>
|
|
#include <linux/mman.h>
|
|
|
|
#define SHM_ALIGN_MASK (SHMLBA - 1)
|
|
|
|
#define COLOUR_ALIGN(addr, pgoff) \
|
|
((((addr) + SHM_ALIGN_MASK) & ~SHM_ALIGN_MASK) \
|
|
+ (((pgoff) << PAGE_SHIFT) & SHM_ALIGN_MASK))
|
|
|
|
enum mmap_allocation_direction {UP, DOWN};
|
|
|
|
static unsigned long arch_get_unmapped_area_common(struct file *filp,
|
|
unsigned long addr0, unsigned long len, unsigned long pgoff,
|
|
unsigned long flags, enum mmap_allocation_direction dir)
|
|
{
|
|
struct mm_struct *mm = current->mm;
|
|
struct vm_area_struct *vma;
|
|
unsigned long addr = addr0;
|
|
int do_color_align;
|
|
struct vm_unmapped_area_info info = {};
|
|
|
|
if (unlikely(len > TASK_SIZE))
|
|
return -ENOMEM;
|
|
|
|
if (flags & MAP_FIXED) {
|
|
/* Even MAP_FIXED mappings must reside within TASK_SIZE */
|
|
if (TASK_SIZE - len < addr)
|
|
return -EINVAL;
|
|
|
|
/*
|
|
* We do not accept a shared mapping if it would violate
|
|
* cache aliasing constraints.
|
|
*/
|
|
if ((flags & MAP_SHARED) &&
|
|
((addr - (pgoff << PAGE_SHIFT)) & SHM_ALIGN_MASK))
|
|
return -EINVAL;
|
|
return addr;
|
|
}
|
|
|
|
do_color_align = 0;
|
|
if (filp || (flags & MAP_SHARED))
|
|
do_color_align = 1;
|
|
|
|
/* requesting a specific address */
|
|
if (addr) {
|
|
if (do_color_align)
|
|
addr = COLOUR_ALIGN(addr, pgoff);
|
|
else
|
|
addr = PAGE_ALIGN(addr);
|
|
|
|
vma = find_vma(mm, addr);
|
|
if (TASK_SIZE - len >= addr &&
|
|
(!vma || addr + len <= vm_start_gap(vma)))
|
|
return addr;
|
|
}
|
|
|
|
info.length = len;
|
|
info.align_offset = pgoff << PAGE_SHIFT;
|
|
if (filp && is_file_hugepages(filp))
|
|
info.align_mask = huge_page_mask_align(filp);
|
|
else
|
|
info.align_mask = do_color_align ? (PAGE_MASK & SHM_ALIGN_MASK) : 0;
|
|
|
|
if (dir == DOWN) {
|
|
info.flags = VM_UNMAPPED_AREA_TOPDOWN;
|
|
info.low_limit = PAGE_SIZE;
|
|
info.high_limit = mm->mmap_base;
|
|
addr = vm_unmapped_area(&info);
|
|
|
|
if (!(addr & ~PAGE_MASK))
|
|
return addr;
|
|
|
|
/*
|
|
* A failed mmap() very likely causes application failure,
|
|
* so fall back to the bottom-up function here. This scenario
|
|
* can happen with large stack limits and large mmap()
|
|
* allocations.
|
|
*/
|
|
}
|
|
|
|
info.low_limit = mm->mmap_base;
|
|
info.high_limit = TASK_SIZE;
|
|
return vm_unmapped_area(&info);
|
|
}
|
|
|
|
unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr0,
|
|
unsigned long len, unsigned long pgoff, unsigned long flags,
|
|
vm_flags_t vm_flags)
|
|
{
|
|
return arch_get_unmapped_area_common(filp,
|
|
addr0, len, pgoff, flags, UP);
|
|
}
|
|
|
|
/*
|
|
* There is no need to export this but sched.h declares the function as
|
|
* extern so making it static here results in an error.
|
|
*/
|
|
unsigned long arch_get_unmapped_area_topdown(struct file *filp,
|
|
unsigned long addr0, unsigned long len, unsigned long pgoff,
|
|
unsigned long flags, vm_flags_t vm_flags)
|
|
{
|
|
return arch_get_unmapped_area_common(filp,
|
|
addr0, len, pgoff, flags, DOWN);
|
|
}
|
|
|
|
int __virt_addr_valid(volatile void *kaddr)
|
|
{
|
|
unsigned long vaddr = (unsigned long)kaddr;
|
|
|
|
if (is_kfence_address((void *)kaddr))
|
|
return 1;
|
|
|
|
if ((vaddr < PAGE_OFFSET) || (vaddr >= vm_map_base))
|
|
return 0;
|
|
|
|
return pfn_valid(PFN_DOWN(PHYSADDR(kaddr)));
|
|
}
|
|
EXPORT_SYMBOL_GPL(__virt_addr_valid);
|
|
|
|
/*
|
|
* You really shouldn't be using read() or write() on /dev/mem. This might go
|
|
* away in the future.
|
|
*/
|
|
int valid_phys_addr_range(phys_addr_t addr, size_t size)
|
|
{
|
|
/*
|
|
* Check whether addr is covered by a memory region without the
|
|
* MEMBLOCK_NOMAP attribute, and whether that region covers the
|
|
* entire range. In theory, this could lead to false negatives
|
|
* if the range is covered by distinct but adjacent memory regions
|
|
* that only differ in other attributes. However, few of such
|
|
* attributes have been defined, and it is debatable whether it
|
|
* follows that /dev/mem read() calls should be able traverse
|
|
* such boundaries.
|
|
*/
|
|
return memblock_is_region_memory(addr, size) && memblock_is_map_memory(addr);
|
|
}
|
|
|
|
/*
|
|
* Do not allow /dev/mem mappings beyond the supported physical range.
|
|
*/
|
|
int valid_mmap_phys_addr_range(unsigned long pfn, size_t size)
|
|
{
|
|
return !(((pfn << PAGE_SHIFT) + size) & ~(GENMASK_ULL(cpu_pabits, 0)));
|
|
}
|