[PATCH resend] powerpc/64s: fix page table fragment refcount race vs speculative references

Matthew Wilcox willy at infradead.org
Fri Jul 27 23:41:56 AEST 2018


On Fri, Jul 27, 2018 at 09:48:17PM +1000, Nicholas Piggin wrote:
> The page table fragment allocator uses the main page refcount racily
> with respect to speculative references. A customer observed a BUG due
> to page table page refcount underflow in the fragment allocator. This
> can be caused by the fragment allocator set_page_count stomping on a
> speculative reference, and then the speculative failure handler
> decrements the new reference, and the underflow eventually pops when
> the page tables are freed.

Oof.  Can't you fix this instead by using page_ref_add() instead of
set_page_count()?

> Any objection to the struct page change to grab the arch specific
> page table page word for powerpc to use? If not, then this should
> go via powerpc tree because it's inconsequential for core mm.

I want (eventually) to get to the point where every struct page carries
a pointer to the struct mm that it belongs to.  It's good for debugging
as well as handling memory errors in page tables.
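
The interleaving described in the quoted commit message, replayed deterministically in a simplified user-space model. This is an added example, not code from the patch or the kernel; NFRAGS and every function name are hypothetical. It compares overwriting the count with adding to it when a speculative reference is already held.

```c
/* Simplified single-threaded model of the refcount race; not kernel code.
 * NFRAGS and all function names here are hypothetical. */
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

#define NFRAGS 16  /* assumed number of fragments carved from one page */

enum init_mode { INIT_SET, INIT_ADD };

/* Speculative lookup: take a reference only if the count is non-zero. */
static bool get_unless_zero(atomic_int *ref)
{
    int old = atomic_load(ref);
    while (old != 0)
        if (atomic_compare_exchange_weak(ref, &old, old + 1))
            return true;
    return false;
}

/* Replays one interleaving and returns the refcount after every fragment
 * has been freed: 0 is balanced, negative is an underflow. */
static int replay(enum init_mode mode)
{
    atomic_int ref = 1;                 /* freshly allocated page */
    bool spec = get_unless_zero(&ref);  /* speculative reference lands: 2 */

    if (mode == INIT_SET)
        atomic_store(&ref, NFRAGS);          /* overwrites the extra +1 */
    else
        atomic_fetch_add(&ref, NFRAGS - 1);  /* keeps the extra +1 */

    if (spec)
        atomic_fetch_sub(&ref, 1);      /* speculative failure path drops its ref */

    for (int i = 0; i < NFRAGS; i++)    /* each fragment is freed once */
        atomic_fetch_sub(&ref, 1);
    return atomic_load(&ref);
}

int main(void)
{
    printf("set: %d\n", replay(INIT_SET));
    printf("add: %d\n", replay(INIT_ADD));
    return 0;
}
```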

