From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56009C77B78 for ; Tue, 2 May 2023 19:15:28 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E2A316B0074; Tue, 2 May 2023 15:15:27 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id DD8526B0081; Tue, 2 May 2023 15:15:27 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CEEA46B0082; Tue, 2 May 2023 15:15:27 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by kanga.kvack.org (Postfix) with ESMTP id BCD9E6B0074 for ; Tue, 2 May 2023 15:15:27 -0400 (EDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 15024621DB; Tue, 2 May 2023 19:15:27 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4F551C4339B; Tue, 2 May 2023 19:15:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linux-foundation.org; s=korg; t=1683054926; bh=r8WWjkIMJIaq0ut5/ios1bJTm+k1wBFfceoqsar6VsM=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=qg6+vslt/PZ2KiRJz8sltxAlarRY+0m4mwAxTUhOyxfJCF8bpSFxmxyYqETIAktFb aNnUkECRskkjEWWSWkjFdGtMxAJ6pVGIDqCP/oQ4YLLqsOLdzBam6uEZAUTYDaufve 9ANJ2AMqCAFygybwaTV9MAomqhHeSE/IvEgJGM+w= Date: Tue, 2 May 2023 12:15:25 -0700 From: Andrew Morton To: Lorenzo Stoakes Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, "Liam R . Howlett" , Vlastimil Babka Subject: Re: [PATCH] mm/mmap/vma_merge: always check invariants Message-Id: <20230502121525.258f089cbed7e44c113f2d83@linux-foundation.org> In-Reply-To: References: X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Sun, 30 Apr 2023 21:19:17 +0100 Lorenzo Stoakes wrote: > We may still have inconsistent input parameters even if we choose not to > merge and the vma_merge() invariant checks are useful for checking this > with no production runtime cost (these are only relevant when > CONFIG_DEBUG_VM is specified). > > Therefore, perform these checks regardless of whether we merge. > > This is relevant, as a recent issue (addressed in commit "mm/mempolicy: > Correctly update prev when policy is equal on mbind") in the mbind logic > was only picked up in the 6.2.y stable branch where these assertions are > performed prior to determining mergeability. > > Had this remained the same in mainline this issue may have been picked up > faster, so moving forward let's always check them. > I'll scoot this into 6.4-rc, given the recent problems in this area. > --- a/mm/mmap.c > +++ b/mm/mmap.c > @@ -960,17 +960,17 @@ struct vm_area_struct *vma_merge(struct vma_iterator *vmi, struct mm_struct *mm, > merge_next = true; > } > > + /* Verify some invariant that must be enforced by the caller. */ > + VM_WARN_ON(prev && addr <= prev->vm_start); > + VM_WARN_ON(curr && (addr != curr->vm_start || end > curr->vm_end)); > + VM_WARN_ON(addr >= end); Maybe converting to VM_WARN_ON_ONCE() would be kinder.