On Fri, Dec 02, 2016 at 04:19:36PM +0100, Michal Hocko wrote: > [Let's CC more people - the thread started > http://lkml.kernel.org/r/1480540516-6458-1-git-send-email-yuzhao@xxxxxxxxxx] > > On Fri 02-12-16 09:56:26, Dan Streetman wrote: > > On Fri, Dec 2, 2016 at 9:44 AM, Michal Hocko <mhocko@xxxxxxxxxx> wrote: > > > On Fri 02-12-16 15:38:48, Michal Hocko wrote: > > >> On Fri 02-12-16 09:24:35, Dan Streetman wrote: > > >> > On Fri, Dec 2, 2016 at 8:46 AM, Michal Hocko <mhocko@xxxxxxxxxx> wrote: > > >> > > On Wed 30-11-16 13:15:16, Yu Zhao wrote: > > >> > >> __unregister_cpu_notifier() only removes registered notifier from its > > >> > >> linked list when CPU hotplug is configured. If we free registered CPU > > >> > >> notifier when HOTPLUG_CPU=n, we corrupt the linked list. > > >> > >> > > >> > >> To fix the problem, we can either use a static CPU notifier that walks > > >> > >> through each pool or just simply disable CPU notifier when CPU hotplug > > >> > >> is not configured (which is perfectly safe because the code in question > > >> > >> is called after all possible CPUs are online and will remain online > > >> > >> until power off). > > >> > >> > > >> > >> v2: #ifdef for cpu_notifier_register_done during cleanup. > > >> > > > > >> > > this ifedfery is just ugly as hell. I am also wondering whether it is > > >> > > really needed. __register_cpu_notifier and __unregister_cpu_notifier are > > >> > > noops for CONFIG_HOTPLUG_CPU=n. So what's exactly that is broken here? > > >> > > > >> > hmm, that's interesting, __unregister_cpu_notifier is always a noop if > > >> > HOTPLUG_CPU=n, but __register_cpu_notifier is only a noop if > > >> > HOTPLUG_CPU=n *and* MODULE. If !MODULE, __register_cpu_notifier does > > >> > > >> OK, I've missed the MODULE part > > >> > > >> > actually register! This was added by commit > > >> > 47e627bc8c9a70392d2049e6af5bd55fae61fe53 ('hotplug: Allow modules to > > >> > use the cpu hotplug notifiers even if !CONFIG_HOTPLUG_CPU') and looks > > >> > like it's to allow built-ins to register so they can notice during > > >> > boot when cpus are initialized. > > >> > > >> I cannot say I wound understand the motivation but that is not really > > >> all that important. > > >> > > >> > IMHO, that is the real problem - sure, without HOTPLUG_CPU, nobody > > >> > should ever get a notification that a cpu is dying, but that doesn't > > >> > mean builtins that register notifiers will never unregister their > > >> > notifiers and then free them. > > >> > > >> Yes that is true. That suggests that __unregister_cpu_notifier should > > >> the the symmetric thing to the __register_cpu_notifier for > > >> CONFIG_MODULE, right? > > > > > > I meant the following. Completely untested > > > > agreed, but also needs the non-__ version, and kernel/cpu.c needs > > tweaking to move those functions out of the #ifdef CONFIG_HOTPLUG_CPU > > section. > > OK, this is still only compile tested. Yu Zhao, assuming you were able > to trigger the original problem could you test with the below patch > please? This patch (plus the latest fix in this thread) solves the problem. Just for the record, the problem is when CONFIG_HOTPLUG_CPU=n, changing /sys/module/zswap/parameters/compressor multiple times will cause: [ 144.964346] BUG: unable to handle kernel paging request at ffff880658a2be78 [ 144.971337] IP: [<ffffffffa290b00b>] raw_notifier_chain_register+0x1b/0x40 <snipped> [ 145.122628] Call Trace: [ 145.125086] [<ffffffffa28e5cf8>] __register_cpu_notifier+0x18/0x20 [ 145.131350] [<ffffffffa2a5dd73>] zswap_pool_create+0x273/0x400 [ 145.137268] [<ffffffffa2a5e0fc>] __zswap_param_set+0x1fc/0x300 [ 145.143188] [<ffffffffa2944c1d>] ? trace_hardirqs_on+0xd/0x10 [ 145.149018] [<ffffffffa2908798>] ? kernel_param_lock+0x28/0x30 [ 145.154940] [<ffffffffa2a3e8cf>] ? __might_fault+0x4f/0xa0 [ 145.160511] [<ffffffffa2a5e237>] zswap_compressor_param_set+0x17/0x20 [ 145.167035] [<ffffffffa2908d3c>] param_attr_store+0x5c/0xb0 [ 145.172694] [<ffffffffa290848d>] module_attr_store+0x1d/0x30 [ 145.178443] [<ffffffffa2b2b41f>] sysfs_kf_write+0x4f/0x70 [ 145.183925] [<ffffffffa2b2a5b9>] kernfs_fop_write+0x149/0x180 [ 145.189761] [<ffffffffa2a99248>] __vfs_write+0x18/0x40 [ 145.194982] [<ffffffffa2a9a412>] vfs_write+0xb2/0x1a0 [ 145.200122] [<ffffffffa2a9a732>] SyS_write+0x52/0xa0 [ 145.205177] [<ffffffffa2ff4d97>] entry_SYSCALL_64_fastpath+0x12/0x17 > --- > From c812fe4e519914aa37f092d3a0321038fadcdde7 Mon Sep 17 00:00:00 2001 > From: Michal Hocko <mhocko@xxxxxxxx> > Date: Fri, 2 Dec 2016 16:06:56 +0100 > Subject: [PATCH] hotplug: make register and unregister notifier API symmetric > > Yu Zhao has noticed that __unregister_cpu_notifier only unregisters its > notifiers when HOTPLUG_CPU=y while the registration might succeed even > when HOTPLUG_CPU=n if MODULE is enabled. This means that e.g. zswap > might keep a stale notifier on the list on the manual clean up during > the pool tear down and thus corrupt the list. Fix this issue by making > unregister APIs symmetric to the register so there are no surprises. > > Fixes: 47e627bc8c9a ("[PATCH] hotplug: Allow modules to use the cpu hotplug notifiers even if !CONFIG_HOTPLUG_CPU") > Cc: stable # zswap needs it 4.3+ > Reported-by: Yu Zhao <yuzhao@xxxxxxxxxx> > Signed-off-by: Michal Hocko <mhocko@xxxxxxxx> > --- > include/linux/cpu.h | 15 ++++----------- > 1 file changed, 4 insertions(+), 11 deletions(-) > > diff --git a/include/linux/cpu.h b/include/linux/cpu.h > index 797d9c8e9a1b..c8938eb21e34 100644 > --- a/include/linux/cpu.h > +++ b/include/linux/cpu.h > @@ -105,22 +105,16 @@ extern bool cpuhp_tasks_frozen; > { .notifier_call = fn, .priority = pri }; \ > __register_cpu_notifier(&fn##_nb); \ > } > -#else /* #if defined(CONFIG_HOTPLUG_CPU) || !defined(MODULE) */ > -#define cpu_notifier(fn, pri) do { (void)(fn); } while (0) > -#define __cpu_notifier(fn, pri) do { (void)(fn); } while (0) > -#endif /* #else #if defined(CONFIG_HOTPLUG_CPU) || !defined(MODULE) */ > > -#ifdef CONFIG_HOTPLUG_CPU > extern int register_cpu_notifier(struct notifier_block *nb); > extern int __register_cpu_notifier(struct notifier_block *nb); > extern void unregister_cpu_notifier(struct notifier_block *nb); > extern void __unregister_cpu_notifier(struct notifier_block *nb); > -#else > > -#ifndef MODULE > -extern int register_cpu_notifier(struct notifier_block *nb); > -extern int __register_cpu_notifier(struct notifier_block *nb); > -#else > +#else /* #if defined(CONFIG_HOTPLUG_CPU) || !defined(MODULE) */ > +#define cpu_notifier(fn, pri) do { (void)(fn); } while (0) > +#define __cpu_notifier(fn, pri) do { (void)(fn); } while (0) > + > static inline int register_cpu_notifier(struct notifier_block *nb) > { > return 0; > @@ -130,7 +124,6 @@ static inline int __register_cpu_notifier(struct notifier_block *nb) > { > return 0; > } > -#endif > > static inline void unregister_cpu_notifier(struct notifier_block *nb) > { > -- > 2.10.2 > > -- > Michal Hocko > SUSE Labs -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>