Date: Fri, 9 Sep 2022 01:24:10 +0300
From: "Kirill A. Shutemov"
To: Sergei Antonov
Cc: linux-mm@kvack.org, akpm@linux-foundation.org, linux-arm-kernel@lists.infradead.org, linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org, "Kirill A . Shutemov", Will Deacon
Subject: Re: [PATCH] mm: bring back update_mmu_cache() to finish_fault()
Message-ID: <20220908222410.yg2sqqdezzwfi5mj@box.shutemov.name>
References: <20220908204809.2012451-1-saproj@gmail.com>
In-Reply-To: <20220908204809.2012451-1-saproj@gmail.com>

On Thu, Sep 08, 2022 at 11:48:09PM +0300, Sergei Antonov wrote:
> Running this test program on ARMv4 a few times (sometimes just once)
> reproduces the bug.
>
> int main()
> {
>     unsigned i;
>     char paragon[SIZE];
>     void* ptr;
>
>     memset(paragon, 0xAA, SIZE);
>     ptr = mmap(NULL, SIZE, PROT_READ | PROT_WRITE,
>                MAP_ANON | MAP_SHARED, -1, 0);
>     if (ptr == MAP_FAILED) return 1;
>     printf("ptr = %p\n", ptr);
>     for (i=0;i<10000;i++){
>         memset(ptr, 0xAA, SIZE);
>         if (memcmp(ptr, paragon, SIZE)) {
>             printf("Unexpected bytes on iteration %u!!!\n", i);
>             break;
>         }
>     }
>     munmap(ptr, SIZE);
> }
>
> In the "ptr" buffer there appear runs of zero bytes which are aligned
> by 16 and their lengths are multiple of 16.
>
> Linux v5.11 does not have the bug, "git bisect" finds the first bad commit:
> f9ce0be71d1f ("mm: Cleanup faultaround and finish_fault() codepaths")
>
> Before the commit update_mmu_cache() was called during a call to
> filemap_map_pages() as well as finish_fault(). After the commit
> finish_fault() lacks it.
>
> Bring back update_mmu_cache() to finish_fault() to fix the bug.
> Also call update_mmu_tlb() only when returning VM_FAULT_NOPAGE to more
> closely reproduce the code of alloc_set_pte() function that existed before
> the commit.
>
> On many platforms update_mmu_cache() is nop:
>  x86, see arch/x86/include/asm/pgtable
>  ARMv6+, see arch/arm/include/asm/tlbflush.h
> So, it seems, few users ran into this bug.
>
> Fixes: f9ce0be71d1f ("mm: Cleanup faultaround and finish_fault() codepaths")
> Signed-off-by: Sergei Antonov
> Cc: Kirill A. Shutemov

+Will.

Seems I confused update_mmu_tlb() with update_mmu_cache() :/

Looks good to me:

Acked-by: Kirill A. Shutemov

> --- > mm/memory.c | 14 ++++++++++---- > 1 file changed, 10 insertions(+), 4 deletions(-) > > diff --git a/mm/memory.c b/mm/memory.c > index 4ba73f5aa8bb..a78814413ac0 100644 > --- a/mm/memory.c > +++ b/mm/memory.c > @@ -4386,14 +4386,20 @@ vm_fault_t finish_fault(struct vm_fault *vmf) > > vmf->pte = pte_offset_map_lock(vma->vm_mm, vmf->pmd, > vmf->address, &vmf->ptl); > - ret = 0; > + > /* Re-check under ptl */ > - if (likely(!vmf_pte_changed(vmf))) > + if (likely(!vmf_pte_changed(vmf))) { > do_set_pte(vmf, page, vmf->address); > - else > + > + /* no need to invalidate: a not-present page won't be cached */ > + update_mmu_cache(vma, vmf->address, vmf->pte); > + > + ret = 0; > + } else { > + update_mmu_tlb(vma, vmf->address, vmf->pte); > ret = VM_FAULT_NOPAGE; > + } > > - update_mmu_tlb(vma, vmf->address, vmf->pte); > pte_unmap_unlock(vmf->pte, vmf->ptl); > return ret; > } > -- > 2.34.1 >

--
  Kiryl Shutsemau / Kirill A. Shutemov
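
Review bot: the comment added above update_mmu_cache() in the !vmf_pte_changed(vmf) branch of finish_fault() explains only why no invalidation is needed, not why the call itself has to stay. The commit message says the regression came from a cleanup that dropped this call and that update_mmu_cache() is a nop on x86 and ARMv6+, so the breakage is easy to miss in testing; a sentence in the comment stating that architectures with a non-nop update_mmu_cache() depend on it after do_set_pte() would help keep a later cleanup from removing it again. The same hunk also moves update_mmu_tlb() from the common path into the else branch, so it now runs only when VM_FAULT_NOPAGE is returned. That is a second behaviour change on top of the fix; the commit message justifies it by matching the old alloc_set_pte(), but it would be easier to review and backport as a separate patch.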