Message-ID: <1c8488e1-1776-f21e-bafd-3892f0894392@suse.cz>
Date: Fri, 29 Sep 2023 11:52:18 +0200
Subject: Re: [PATCH 1/3] mmap: Fix vma_iterator in error path of vma_merge()
To: "Liam R. Howlett", Andrew Morton
Cc: maple-tree@lists.infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, Jann Horn, Lorenzo Stoakes, Suren Baghdasaryan, Matthew Wilcox, stable@vger.kernel.org
References: <20230927160746.1928098-1-Liam.Howlett@oracle.com> <20230927160746.1928098-2-Liam.Howlett@oracle.com>
From: Vlastimil Babka
In-Reply-To: <20230927160746.1928098-2-Liam.Howlett@oracle.com>

On 9/27/23 18:07, Liam R. Howlett wrote:
> When merging of the previous VMA fails after the vma iterator has been
> moved to the previous entry, the vma iterator must be advanced to ensure
> the caller takes the correct action on the next vma iterator event. Fix
> this by adding a vma_next() call to the error path.
>
> Users may experience higher CPU usage, most likely in very low memory
> situations.

Maybe we could say explicitly that before this fix, vma_merge will be called
twice on the same vma, which to the best of our knowledge does not cause
anything worse than some wasted cycles because vma == prev, but it's fragile?

> Link: https://lore.kernel.org/linux-mm/CAG48ez12VN1JAOtTNMY+Y2YnsU45yL5giS-Qn=ejtiHpgJAbdQ@mail.gmail.com/
> Closes: https://lore.kernel.org/linux-mm/CAG48ez12VN1JAOtTNMY+Y2YnsU45yL5giS-Qn=ejtiHpgJAbdQ@mail.gmail.com/
> Fixes: 18b098af2890 ("vma_merge: set vma iterator to correct position.")
> Cc: stable@vger.kernel.org
> Cc: Jann Horn
> Signed-off-by: Liam R. Howlett > --- > mm/mmap.c | 12 +++++++++--- > 1 file changed, 9 insertions(+), 3 deletions(-) > > diff --git a/mm/mmap.c b/mm/mmap.c > index b56a7f0c9f85..b5bc4ca9bdc4 100644 > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -968,14 +968,14 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm, > vma_pgoff = curr->vm_pgoff; > vma_start_write(curr); > remove = curr; > - err = dup_anon_vma(next, curr); > + err = dup_anon_vma(next, curr, &anon_dup); > } > } > } > > /* Error in anon_vma clone. */ > if (err) > - return NULL; > + goto anon_vma_fail; > > if (vma_start < vma->vm_start || vma_end > vma->vm_end) > vma_expanded = true; The vma_iter_config() actions done in this part are something we don't need to undo? > @@ -988,7 +988,7 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm, > } > > if (vma_iter_prealloc(vmi, vma)) > - return NULL; > + goto prealloc_fail; > init_multi_vma_prep(&vp, vma, adjust, remove, remove2); > VM_WARN_ON(vp.anon_vma && adjust && adjust->anon_vma && > @@ -1016,6 +1016,12 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm, > vma_complete(&vp, vmi, mm); > khugepaged_enter_vma(res, vm_flags); > return res; > + > +prealloc_fail: > +anon_vma_fail: > + if (merge_prev) > + vma_next(vmi); > + return NULL; > } > > /*
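Review bot: In the first hunk (@@ -968), the call `dup_anon_vma(next, curr, &anon_dup)` passes a third argument, but nothing in this patch declares `anon_dup` or changes the `dup_anon_vma()` signature: the diffstat's 9 insertions are all accounted for by the lines shown, and the commit message only describes the `vma_next()` fix. Unless both already exist in the base tree, this patch will not build on its own, which matters for bisection and for the stable backport requested in the trailers. Suggest keeping the two-argument call here and moving the `&anon_dup` change to the patch in the series that introduces it.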
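Review bot: In the last hunk (@@ -1016), `prealloc_fail:` and `anon_vma_fail:` label the same statement and nothing separates the two paths, so one label would be enough unless a later patch adds cleanup between them; if that is the plan, the commit message should say so. The `if (merge_prev) vma_next(vmi);` also needs a short comment stating that it undoes the earlier step back to prev, because that reasoning currently lives only in the commit message and the error path sits far from the code that moved the iterator.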