From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 62F99C25B73 for ; Sat, 27 Apr 2024 04:26:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id CC9996B0089; Sat, 27 Apr 2024 00:26:00 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id C781B6B008A; Sat, 27 Apr 2024 00:26:00 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id AF1096B008C; Sat, 27 Apr 2024 00:26:00 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 91A7A6B0089 for ; Sat, 27 Apr 2024 00:26:00 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 43BD0809BD for ; Sat, 27 Apr 2024 04:26:00 +0000 (UTC) X-FDA: 82054024080.13.A7480F5 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (mail-bn8nam12on2040.outbound.protection.outlook.com [40.107.237.40]) by imf12.hostedemail.com (Postfix) with ESMTP id 2A4744000F for ; Sat, 27 Apr 2024 04:25:56 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=F+3446FB; dmarc=pass (policy=reject) header.from=nvidia.com; spf=pass (imf12.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.237.40 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1714191957; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=y84M5Tzl9Ji1aiRLC4wADbZm1Sa7SHMpGyeokxPh7cc=; b=VIp0RYf7MLmoH459NLRBbyjJuP+mKHNGz63YGa4QO7gEwkayV4GHyNOHS/bqefHoF3vc3O LpFREaYGbk7mgv0NJ2JOwZZZetIUIeSU8K/Y3FvV4dA5GknbEL4HR20ugYRP/0FuaRj66U ksTt1TOLOHkWlMJsfWAuxSC8lLpU0fA= ARC-Authentication-Results: i=2; imf12.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=F+3446FB; dmarc=pass (policy=reject) header.from=nvidia.com; spf=pass (imf12.hostedemail.com: domain of jhubbard@nvidia.com designates 40.107.237.40 as permitted sender) smtp.mailfrom=jhubbard@nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1714191957; a=rsa-sha256; cv=pass; b=cLCSzF42mbq/dHXg4gkvF7EeqboAYURDyHCgZ1RLrw6qR3LggsVWt3Ae3rffT8Grtp3eMA nRMhXy65JrVX6MHgp87o+OwBAnVuhFHVic7jaGfI+w6l8a0nW9GhDw+6iNgG1WGu+S5Zdj e55QBnwp6qYZ7SIH5r34w7mZEN9EUes= ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UvYHJPleX2QdnvhkoA1dMQrFo2hFBTzbBU14/r5bO6YqdWcqjXwiPjVl6uwsb9aFoHW2cUfXpzSsVuDvFJy2ItGniI7NsN5DoCBu4Od+meXhy6TI7SwV4XAWdfAI2UCyDmEQv1Od28NQI0xr4FCBmqpp6GIrr9xwayRqU40SEiTmu8jfUeP0bTtpUIOlvWE+r/9x5+pZOTn1c55qqXEHDi98qLRTeQKCDvTpTlB2DVtO+irR1qGz5sQ1j4h+M5bYvZMTt6UCxzAEQKptADbJwk5o0AJxceVbk8rWfc3djbFZU+5HfNG+RYDN5ojG3EAfG2V72QIndQMgHbD5Hr8+Qw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=y84M5Tzl9Ji1aiRLC4wADbZm1Sa7SHMpGyeokxPh7cc=; b=c4bThZ/szoWi/pD2Qwk2SSQQMWHtA9rUndR0D+dcEzB2N3MQmF9v6tzS9pjvW+CwPZT7teJBQ5qNCOORmjNHRvCWaYrLSRjSvypixypJb8/2QLofBNdKfZdjLMzB0ib6Jo33YRQk27bKYGgTlnPq7N7GRr2QzjvY9OJxZG/xj5l5uX/Ag0JZo+d73lAafZ9DMAtDnSD1MenM88Bf/LzCXzqSg/qsYsR/Dd3Q3hWGcsrJc274WMnCA5GzsZIsAuCuOgMMuD47uwJj6Av3i+5t1uVLWP3HEBmVFN3KP8Jxg/DUYJgtIeBYy2ayD6Eb44KsQ25qhR5LqKbSPHcSksKuJg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.160) smtp.rcpttodomain=arm.com smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=y84M5Tzl9Ji1aiRLC4wADbZm1Sa7SHMpGyeokxPh7cc=; b=F+3446FBYwM6uC0eUra7H8fH45gukw3gZM8VekvGu/ln0s0GgILApyEubo4cS71MnX1G4rtk3NMyKaQweqxl3Y1AyoAkZN8vAQ4K8NaxXLwNGjkqau+8gXwmAmDlmWmGE38cnzP/9N5ZICz1RYuSagtUHKk1bqJGp+UKU081RbJFStXmZN9WcjXEQyKl2aXi3PPvDzOOkm4My6Jf/cwMftRFFVBs3MAasP37SIdfbxSwhyFW4wUgJpeIx2SpEzu2a1VH+5ekLZpy+KviQA1otbatMYFdzQFmZxP9PfkhfJt4QhTmzffpnbaF8z683kSKi4qZHCooLWmW7kSYbgUikQ== Received: from CH2PR12CA0016.namprd12.prod.outlook.com (2603:10b6:610:57::26) by MW4PR12MB7484.namprd12.prod.outlook.com (2603:10b6:303:212::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.23; Sat, 27 Apr 2024 04:25:54 +0000 Received: from CH2PEPF00000142.namprd02.prod.outlook.com (2603:10b6:610:57:cafe::40) by CH2PR12CA0016.outlook.office365.com (2603:10b6:610:57::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.31 via Frontend Transport; Sat, 27 Apr 2024 04:25:54 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.160) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.160) by CH2PEPF00000142.mail.protection.outlook.com (10.167.244.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7519.19 via Frontend Transport; Sat, 27 Apr 2024 04:25:53 +0000 Received: from rnnvmail201.nvidia.com (10.129.68.8) by mail.nvidia.com (10.129.200.66) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Fri, 26 Apr 2024 21:25:43 -0700 Received: from [10.110.48.28] (10.126.230.35) by rnnvmail201.nvidia.com (10.129.68.8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1544.4; Fri, 26 Apr 2024 21:25:42 -0700 Message-ID: <1734de6e-1bcd-492e-b07b-9ad712967e1d@nvidia.com> Date: Fri, 26 Apr 2024 21:25:41 -0700 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v1] mm: Fix race between __split_huge_pmd_locked() and GUP-fast To: Zi Yan , Ryan Roberts CC: Anshuman Khandual , Andrew Morton , Aneesh Kumar K.V , , References: <20240425170704.3379492-1-ryan.roberts@arm.com> <39d0236c-4297-4001-bc7e-f516bc674f7b@arm.com> <87df74b7-2352-4ad6-b9f9-baed9291cbed@arm.com> <80148272-208A-4306-A8EC-98C79BBBDCA0@nvidia.com> Content-Language: en-US From: John Hubbard In-Reply-To: Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.126.230.35] X-ClientProxiedBy: rnnvmail201.nvidia.com (10.129.68.8) To rnnvmail201.nvidia.com (10.129.68.8) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CH2PEPF00000142:EE_|MW4PR12MB7484:EE_ X-MS-Office365-Filtering-Correlation-Id: 208b195e-bd5b-40a9-4e00-08dc6672209e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230031|36860700004|376005|82310400014|1800799015; X-Microsoft-Antispam-Message-Info: =?utf-8?B?R1NIckxGWEw3N2w1OC9iVzZ5ZnFZTXAzNGRQYmR0U3Qya2djdDY0anpYMlox?= =?utf-8?B?WmRrcDN2aFp6WURGcEJ2WnpPd2x3Wng4Yk1pR0JNS2w0azBJMjlWOGt2elgw?= =?utf-8?B?RCsvcGE3cGVMWHRBaFB0dGJQSTJrbytKaVdoSWMvcmhTRWR1YTd5UTA4WXpE?= =?utf-8?B?Z0kwQmJJV0JDLy91UlFYZG5xd010UU1DTVlNUTRKRExTWjFYK0hzczREUXJM?= =?utf-8?B?VHVEM3NjQUNpTWhyM05nZjM1Zy9yN0M0bnNaZWZWTGNlQzhiRExnOFAzQWZi?= =?utf-8?B?WnhhZUg4ZnZLUkRlTDhHN3hhQVQ4Wm4wSkRWQ2k2SjFqU3IxV1I0RVhYd1Yz?= =?utf-8?B?bzIvaXZBVTZkVFBYbXZSQmJ1ekVwS2k1TTYwamYwRElMYnUrdEF5TlRZNnEv?= =?utf-8?B?aVd4ZnFaNk5mWlVtaXB5alNkRjI0ejBCNGR5Ympxa1l6M09jM2swV01PWmNq?= =?utf-8?B?dmMzbFdFMXMxZ1JRcGpsb1RSWCt3UGpRTm9WZkhEN0hMZ3NSRjlzazREelN3?= =?utf-8?B?dUZmYzU1M2FML3p4UUo3M281Qmt2Ukkya2NLSkI4RzZ4VitaMjZxOUNHYkJH?= =?utf-8?B?eGpiRnl4UktMRjRUWFMrZzRtYms4UDZRaGdNWDRyVytxQkVBRnpqditlNGwy?= =?utf-8?B?SGwwQmNVb1hWVmVuUjhCUEl0VDlZT0l5bUtCb3Bab1M0ckpJZ2ZtcXVrTFFo?= =?utf-8?B?aTg4bzVFcUpHUVdxbHYvOXVyRkw4bUM0MzBGcnZvSFp4cndlYjZBWkxzMkNS?= =?utf-8?B?cHdtVmRFU0hTazRvZmtBSGg3YVM5eGVkVXc0MkxaZExQdlEvdDVxam56Q2lx?= =?utf-8?B?aS9PMlNTODNhOG11QkFqZVpNbmduUW9BTkpPUFVicjdldWplZVNCQ0dKTkc3?= =?utf-8?B?ZHRYcVdwbDFESFNQeFpQNlVyZjlHLzdVWDV3blNBaklWV1BPSVloYUNQcGxX?= =?utf-8?B?bTdwaW45QWRwUDFzbFJ0ODA0eElqN05Ia3pqai9zQTJjTHNWZ01nYnJmRjZK?= =?utf-8?B?ZFZVMXdqdG9sejl1ZDJWaHd0RkkyN0JxTk40dTBpbVZqTWpENXhuaFYwV0xv?= =?utf-8?B?dE9zbXV0S2tLTHJEVXZhV0ZGSy9vT1VsNWhUMEhnRW05NnJxaWtzQ1BHa3RP?= =?utf-8?B?NEowZlI0QzdhWFNZaEZVMnMvL0wwRGJyWVU4ZkVQNUE2MG1kUGIrc3grbkRl?= =?utf-8?B?SHBsU1ZjbXFKb3hQaE5YQWdyenI2eW9LZVgrN1ZRbTdlZXhLUWxEeTd1TXY3?= =?utf-8?B?MnhtOFJhQ2JZbWdISDdDQ1RYMmNaV0tCMk8xMkZnbnE1RkNvaFQwZ0VsUXlC?= =?utf-8?B?TDMwNUhIdWROai9JY2FXMDFIZ1JsNXlLWG5ZVlFta2l2ZjJlZStTQjBQbDdr?= =?utf-8?B?MFlDU2tsejdkZm9RRXE0VW1wM2ZkVE03bDNoYzRGNzNKOENJdSs2MW9JNkUy?= =?utf-8?B?OVUxOGVQU2lFc0VXSFk5aWQ0QXd5aXJhajRzYXE5bitGV0I1WGZiK3dxNWRR?= =?utf-8?B?WEhkOWlsNnBXaFpQaHVIYUd2WkxDM1dvanhlVHpNV1drZVI1RkhqNUFYMnE2?= =?utf-8?B?WFhwYno2ODJxZkJkRkhMNW9KSVhURkdnMDU4VTdtUlR4RWlQVnI5emJvS3lv?= =?utf-8?B?ejVCOG9qK05EbjhvQm15SXdvdE8xZVlKZGNsMFNBYjZ0blE1SnRuVzJ0ZXBP?= =?utf-8?B?Z0FLNmkvdEVUZlhJcGI3RHBOWmROT1dobFViSUhiRlk1Vk9UWk42T1dnb1Qv?= =?utf-8?B?UTJkZE9Mb25SbnpQTlBoNFI2d2lEbUtVNDhLZHZvcDRrNDdicXk5RGFJa1po?= =?utf-8?B?R0hDSFhHT3hmTHFhZTVuVlk4VVJ0R29Ja1lqNjNQNFVCVjRnc0RZNkdHNGhh?= =?utf-8?Q?gKpL4LivVctVx?= X-Forefront-Antispam-Report: CIP:216.228.117.160;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge1.nvidia.com;CAT:NONE;SFS:(13230031)(36860700004)(376005)(82310400014)(1800799015);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Apr 2024 04:25:53.7443 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 208b195e-bd5b-40a9-4e00-08dc6672209e X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.160];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: CH2PEPF00000142.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR12MB7484 X-Stat-Signature: qaec6az889zxynf8bhmsncq381rgwue1 X-Rspamd-Queue-Id: 2A4744000F X-Rspam-User: X-Rspamd-Server: rspam12 X-HE-Tag: 1714191956-291865 X-HE-Meta: U2FsdGVkX197WdaSTy2ulfA7GCVrok4Mkj+sW99GSUIRURIrHGnljFt3b51LuSOgZaIP0xZnJ33WEDR3TgTx9PqEdjZqrt/HXx4qwz/5gteVdfocRnt67EsdacQ2OCWpcNAQddClkFNsZmhH1/Jsl+8TFbr8P/M2V2XsUptso539JBuBSQC5Y2H602kAA/LMxrkrUHtYCxZ3qwWA3sQWZcX84N7/LAQ6PNQQ+JS5Vbmuc9gNS+57B51yT3Tq3gehsHXT2nrJeDmCwzi/+HjiXvIZOgo6Ae4FqxzIsVjzWqn9tftObNcnbWDWsbfXEqX/JwLYkV3pKUvZjwxKJtHNKlouv5OJd/3t3tMRw+6+5jmXfTvbqD4nOKhdSMWzVrN/LU6JVV+OsCNcFh9xJ4pldk8HR0WOg/S7p/OMCAvIK/cIhu9qEmYqQI7rog3M/suZehm9w/uBXGz7SnKUtGl45Ib7+o38d1h47oSm2259CWB8It26yh1E6vCVHlkyaatd369d9WDIFPI/KmYGDFMrHXUdtrhX/+u/lRmUuBZvuOvWh1wrbeQ8v7pxvkw64uGxpDQO3uBd6nFPwee/nYkYpaWFQxvOW23Sdj3nDUR2sGWodrk7TmEXiZyZ86ByVPX/wr4Z1+lI5YuyoLmB/MdKT866vT2Std6tkMsZO/WD8jtQgJ2O+SpqcBqDMsKLlKt9VFYODRozNjieApvkOgwQ7wpa84+gnL6ZzGb0D77HzuiQlkosyUXEIzxSVhZq33ddhylp8IELSvthsYLYKliEKaNv+KS0PyVKug+MONO99NGW7haetdvAwtAlvLIvZax+vX/pu8VeSqC91cMoFWmX0vZ3MCg1JBzE57MXUc43ZhR4EvwJZ0DuQlBCcNqX+OQmZ5jZPvzaUfHpZLktCs9l5cgqlg/Ick1+IwUABFKkqXZYtrHcA/obFfmL5vQR9Sk0RUGJ1jFqu9Y1eC04sCB 0S+TI7Gh MTzpDDHkrhPrzpvdkcuZ8QuH4pbq4yMl4THodaE2l3CKd3WR9KMGOrGxUtJcdC5NzwzdqYBve+oyvNUxEz/sKRfHtBWbylrsM14TzBtlNvvhIsLmT3nLMMiQ0Ntn1bYQdO0fYaYAfxqIAf5VelZmS/nTFOWs9ueUt4kzVntzAwfG4KV1NXUgfzSOwaTdG6DSzwIDFFYXZEQ4oTVoPQ+rWX4snZFIXWPKLSeodm1lF76TPR5rMWtVvIyBtqHkq7ZgDcLHTOsrngUlaeK4NabCEeEtJCTsDQI9uJD7m12DBiQznV2PD+2RqC/UJfkOnAdjT6Jv6igfDGe4LkUHL3G0yW/7a5jr/P2ZhH1guV8Vibm7PQdGoqIqtVBiFxD5OnpP/IuAaTG+KGTq0uOG3UO7tVTkve/fti9ABBX+l+TcMUGsOhc8= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 4/26/24 7:53 AM, Zi Yan wrote: Hi Zi (and Ryan)! >>>>> lockless pgtable walker could see the migration entry pmd in this state >>>>> and start interpretting the fields as if it were present, leading to >>>>> BadThings (TM). GUP-fast appears to be one such lockless pgtable walker. >>>> >>>> Could you please explain how bad things might happen ? >>> >>> See 2 places where pmdp_get_lockless() is called in gup.c, without the PTL. >>> These could both return the swap pte for which pmd_mkinvalid() has been called. >>> In both cases, this would lead to the pmd_present() check eroneously returning >>> true, eventually causing incorrect interpretation of the pte fields. e.g.: >>> >>> gup_pmd_range() >>> pmd_t pmd = pmdp_get_lockless(pmdp); >>> gup_huge_pmd(pmd, ...) >>> page = nth_page(pmd_page(orig), (addr & ~PMD_MASK) >> PAGE_SHIFT); >>> >>> page is guff. >>> >>> Let me know what you think! > > Add JohnH to check GUP code. Ryan is correct about this behavior. By the way, remember that gup is not the only lockless page table walker: there is also the CPU hardware itself, which inconveniently refuses to bother with taking page table locks. :) So if we have code that can make a non-present PTE appear to be present to any of these page walkers, whether software or hardware, it's a definitely Not Good and will lead directly to bugs. Since I had to study this patch and discussion a bit in order to respond, I'll go ahead and also reply to the original patch with review comments. thanks, -- John Hubbard NVIDIA