From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 4074BC38A02
	for <linux-mm@archiver.kernel.org>; Sun, 30 Oct 2022 00:18:17 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 9B88F8E0001; Sat, 29 Oct 2022 20:18:16 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 9687E6B0073; Sat, 29 Oct 2022 20:18:16 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 7E22D8E0001; Sat, 29 Oct 2022 20:18:16 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10])
	by kanga.kvack.org (Postfix) with ESMTP id 6ADE36B0071
	for <linux-mm@kvack.org>; Sat, 29 Oct 2022 20:18:16 -0400 (EDT)
Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay05.hostedemail.com (Postfix) with ESMTP id 41A3740952
	for <linux-mm@kvack.org>; Sun, 30 Oct 2022 00:18:16 +0000 (UTC)
X-FDA: 80075703792.01.0382EEC
Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176])
	by imf26.hostedemail.com (Postfix) with ESMTP id C3912140007
	for <linux-mm@kvack.org>; Sun, 30 Oct 2022 00:18:15 +0000 (UTC)
Received: by mail-pl1-f176.google.com with SMTP id j12so7902659plj.5
        for <linux-mm@kvack.org>; Sat, 29 Oct 2022 17:18:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=to:references:message-id:content-transfer-encoding:cc:date
         :in-reply-to:from:subject:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=A4sHJ0uGd/0eErR7PFl+RWk3gHbczSzplTSSzCUNeA0=;
        b=R7Wd1HAdnpJLmQV5KnlPADGVDhW9cx+2kssOQqpcdj0HVLpgNjeBGUm9yzOk6sRYqn
         v7CZDsUFBpv96deaCFh1uJ/wJA2d/kuUC4q2/GBU6ABwyLekOsZVCaVtHVUx4yOKc5vA
         99aQ/ExYfiS43hXg2JgI41Jv1RWO5Jml5GatPEyizaz1J6eCIvAkQzMfrLNk99HX5Ete
         W2CvjGVi7Plu3/7hKjewYD9ZwpJ3EVvln67UzTFoYMoJJn9rhwvuq6Mb0XnYJurG0OSy
         O6TEoscgTs75fWm8KG7xOo1tbVtRNFPiSthNF3BKEk63VbD4eUl5z92xqhvsUYg5+o9C
         xTIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=to:references:message-id:content-transfer-encoding:cc:date
         :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=A4sHJ0uGd/0eErR7PFl+RWk3gHbczSzplTSSzCUNeA0=;
        b=lh8oIEvSr1moxhIxNv8lszgmX9rwwy1CGlNk45/vuY4PLPYOi9ubv/MLXz9vSItnyn
         5oRF52VyZVVZPWArRXT4AZsTCYe1SNCegEoNKYbIt62Pw+owEkJcsMGdNVBaBKvcD5TD
         o98sb7xDlhqxxwnmL0O1p7HGPFZIAlapYV2SiBkhpA0ub2Z3Mk/qnr/8wTg5HnzPO7XJ
         IozlXSaGuqOogSryPVRNyU8tYZIGL1KuDDyZJ7FvzOEVSqECSdY77noPMrZZnebFBWmS
         Y+ghK/uDTxB/zcuXQcCdKnH6UsTarPXPQ3Ts+2L7n4KsqpRAqb8hmzKapg71vatbvsvU
         P2MA==
X-Gm-Message-State: ACrzQf3VFvXVFRRmfbL9Xd9Y3R5XbnAX69ZUIYo5AY5KFs1W2P/hH2BD
	3Ja/yJR3A14rcIlrNsU4tYY=
X-Google-Smtp-Source: AMsMyM7qXCkaYsDCqrcnjZe1gY3PJa48GtM5mwq14jkA4b31e3Fkh5lBfq3p77IY2esHXLpMCm72BQ==
X-Received: by 2002:a17:90a:7e14:b0:210:dcec:ffe9 with SMTP id i20-20020a17090a7e1400b00210dcecffe9mr7161179pjl.157.1667089094410;
        Sat, 29 Oct 2022 17:18:14 -0700 (PDT)
Received: from smtpclient.apple (c-24-6-216-183.hsd1.ca.comcast.net. [24.6.216.183])
        by smtp.gmail.com with ESMTPSA id g6-20020a625206000000b005633a06ad67sm1714897pfb.64.2022.10.29.17.18.12
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Sat, 29 Oct 2022 17:18:13 -0700 (PDT)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Subject: Re: [PATCH 01/13] mm: Update ptep_get_lockless()s comment
From: Nadav Amit <nadav.amit@gmail.com>
In-Reply-To: <CAHk-=wgiDa9Xy5rLMR_gvC-WVvdkxABgXXADbKhwswYof7ptdg@mail.gmail.com>
Date: Sat, 29 Oct 2022 17:18:11 -0700
Cc: Peter Zijlstra <peterz@infradead.org>,
 Jann Horn <jannh@google.com>,
 John Hubbard <jhubbard@nvidia.com>,
 X86 ML <x86@kernel.org>,
 Matthew Wilcox <willy@infradead.org>,
 Andrew Morton <akpm@linux-foundation.org>,
 kernel list <linux-kernel@vger.kernel.org>,
 Linux-MM <linux-mm@kvack.org>,
 Andrea Arcangeli <aarcange@redhat.com>,
 "Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
 jroedel@suse.de,
 ubizjak@gmail.com,
 Alistair Popple <apopple@nvidia.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <3416A651-E648-4A2E-A710-21163F9537EE@gmail.com>
References: <20221022111403.531902164@infradead.org>
 <20221022114424.515572025@infradead.org>
 <2c800ed1-d17a-def4-39e1-09281ee78d05@nvidia.com>
 <Y1ZGNwUEdm15W6Xz@hirez.programming.kicks-ass.net>
 <CAG48ez3fG=WnvbiE5mJaD66_gJj_hohnV8CqBG9eNdjd7pJW3A@mail.gmail.com>
 <Y1fsYwshJ93FT21r@hirez.programming.kicks-ass.net>
 <CAG48ez3VE+3dVdUMK+Pg_942gR+h_TCcSaFxGwCbNfh3W+mfOA@mail.gmail.com>
 <Y1f7YvKuwOl1XEwU@hirez.programming.kicks-ass.net>
 <CAG48ez05gBiB2w7bL_3O_OUoBWazmHnRwMiuni_wQyXBUcaxbQ@mail.gmail.com>
 <Y1oub9MvqwGBlHkq@hirez.programming.kicks-ass.net>
 <CAHk-=wihPdOtXgJ32pLB6Xd-UvnaZW9YvOOjM24JGYRjNHeykA@mail.gmail.com>
 <6C548A9A-3AF3-4EC1-B1E5-47A7FFBEB761@gmail.com>
 <CAHk-=wh8oi0qQtYDFTfm7d1s5C8mG7ig=NfzGWt4zbjXMzcdqQ@mail.gmail.com>
 <F9E42822-DA1D-4192-8410-3BAE42E9E4A9@gmail.com>
 <B88D3073-440A-41C7-95F4-895D3F657EF2@gmail.com>
 <CAHk-=wgzT1QsSCF-zN+eS06WGVTBg4sf=6oTMg95+AEq7QrSCQ@mail.gmail.com>
 <47678198-C502-47E1-B7C8-8A12352CDA95@gmail.com>
 <CAHk-=wjzngbbwHw4nAsqo_RpyOtUDk5G+Wus=O0w0A6goHvBWA@mail.gmail.com>
 <CAHk-=wijU_YHSZq5N7vYK+qHPX0aPkaePaGOyWk4aqMvvSXxJA@mail.gmail.com>
 <CAHk-=wgiDa9Xy5rLMR_gvC-WVvdkxABgXXADbKhwswYof7ptdg@mail.gmail.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1667089095; a=rsa-sha256;
	cv=none;
	b=LsUKndo9zIW5qJx6vefdqnsDg+iIP4EcR5HuUnPIUDWYrKfqw4YIqg52bkxDLJhm8EZ3PQ
	1pWLZ8KSKBJOF3ECHQ/8ssJQP4ypZcBc1bxbkfEpoTZqyVoUpt8Kba2AzzoiDnYH8axmDG
	poHXvjEb0k5xv8ZWcstYmCKy7YI/T1w=
ARC-Authentication-Results: i=1;
	imf26.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=R7Wd1HAd;
	spf=pass (imf26.hostedemail.com: domain of nadav.amit@gmail.com designates 209.85.214.176 as permitted sender) smtp.mailfrom=nadav.amit@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1667089095;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=A4sHJ0uGd/0eErR7PFl+RWk3gHbczSzplTSSzCUNeA0=;
	b=Y9PaQXPD20Phbox/A0HcOHAi0+Aamturm0o2rJcJk4UyTI3/KLZtSnNI/DlHA8a75hpKEw
	jNAwV6DyUfJZmbwUl3FX6lunJv8Yu7V4oZBe/F8gijGWahrJ+GhvhSulpQw9YAtYv6mCJy
	a8gTncyOoI7kptRN2nZQsP0O1wkfyYs=
Authentication-Results: imf26.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=R7Wd1HAd;
	spf=pass (imf26.hostedemail.com: domain of nadav.amit@gmail.com designates 209.85.214.176 as permitted sender) smtp.mailfrom=nadav.amit@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
X-Rspamd-Server: rspam05
X-Rspamd-Queue-Id: C3912140007
X-Stat-Signature: 8i9ngwzt371g59a83gf4jido5swdzg6d
X-Rspam-User: 
X-HE-Tag: 1667089095-90005
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Oct 29, 2022, at 12:14 PM, Linus Torvalds =
<torvalds@linux-foundation.org> wrote:

> It didn't fail for me before, it doesn't fail for me with those =
patches.

For the record, I tried to run the PoC on another machine, and it indeed =
did
not fail.

Turns out I had a small bug in one of the mechanisms that were intended =
to
make the failure more likely (I should have mapped again or madvised
HPAGE_SIZE to increase the time zap_pte_range spends to increase the
probability of the race).

I am still trying to figure out how to address this issue, and whether =
the
fact that some rmap_walk(), which do not use PVMW_SYNC are of an issue.

---

#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <pthread.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <time.h>

#define handle_error(msg) \
   do { perror(msg); exit(EXIT_FAILURE); } while (0)

void *p;
volatile bool stop =3D false;
pid_t flusher_pid;
int fd;

#define PAGE_SIZE	(4096ul)
#define PAGES_PER_PMD	(512)
#define HPAGE_SIZE	(PAGE_SIZE * PAGES_PER_PMD)

// Comment MUNMAP_TEST for MADV_DONTNEED test
#define MUNMAP_TEST

void *dirtying_thread(void *arg)
{
	int i;

	while (!stop) {
		for (i =3D 1; i < PAGES_PER_PMD; i++) {
			*(volatile char *)(p + (i * PAGE_SIZE) + 64) =3D =
5;
		}
	}
	return NULL;
}

void *checking_thread(void *arg)
{
	volatile unsigned long *ul_p =3D (volatile unsigned long*)p;
	unsigned long cnt =3D 0;

	while (!stop) {
		*ul_p =3D cnt;
		if (*ul_p !=3D cnt) {
			printf("FAILED: expected %ld, got %ld\n", cnt, =
*ul_p);
			kill(flusher_pid, SIGTERM);
			exit(0);
		}
		cnt++;
	}
	return NULL;
}

void *remap_thread(void *arg)
{
	void *ptr;
	struct timespec t =3D {
		.tv_nsec =3D 10000,
	};

	while (!stop) {
#ifdef MUNMAP_TEST
		ptr =3D mmap(p, HPAGE_SIZE, PROT_READ|PROT_WRITE,
			   MAP_SHARED|MAP_FIXED|MAP_POPULATE, fd, 0);
		if (ptr =3D=3D MAP_FAILED)
			handle_error("remap_thread");
#else
		if (madvise(p, HPAGE_SIZE, MADV_DONTNEED) < 0)
			handle_error("MADV_DONTNEED");
		nanosleep(&t, NULL);
#endif
	}
	return NULL;
}

void flushing_process(void)
{
	// Remove the pages to speed up rmap_walk and allow to drop =
caches.
	if (madvise(p, HPAGE_SIZE, MADV_DONTNEED) < 0)
		handle_error("MADV_DONTNEED");

	while (true) {
		if (msync(p, PAGE_SIZE, MS_SYNC))
			handle_error("msync");
		if (posix_fadvise(fd, 0, PAGE_SIZE, =
POSIX_FADV_DONTNEED))
			handle_error("posix_fadvise");
	}
}

int main(int argc, char *argv[])
{
	void *(*thread_funcs[])(void*) =3D {
		&dirtying_thread,
		&checking_thread,
		&remap_thread,
	};
	int r, i;
	int rc1, rc2;
	unsigned long addr;
	void *ptr;
	char *page =3D malloc(PAGE_SIZE);
	int n_threads =3D sizeof(thread_funcs) / sizeof(*thread_funcs);
	pthread_t *threads =3D malloc(sizeof(pthread_t) * n_threads);
	pid_t pid;

	if (argc < 2) {
		fprintf(stderr, "usages: %s [filename]\n", argv[0]);
		exit(EXIT_FAILURE);
	}

	fd =3D open(argv[1], O_RDWR|O_CREAT, 0666);
	if (fd =3D=3D -1)
		handle_error("open fd");

	for (i =3D 0; i < PAGES_PER_PMD; i++) {
		if (write(fd, page, PAGE_SIZE) !=3D PAGE_SIZE)
			handle_error("write");
	}
	free(page);

	ptr =3D mmap(NULL, HPAGE_SIZE * 2, PROT_NONE, =
MAP_PRIVATE|MAP_ANON,
                   -1, 0);

	if (ptr =3D=3D MAP_FAILED)
		handle_error("mmap anon");

	addr =3D (unsigned long)(ptr + HPAGE_SIZE - 1) & ~(HPAGE_SIZE - =
1);
	printf("starting...\n");

	ptr =3D mmap((void *)addr, HPAGE_SIZE, PROT_READ|PROT_WRITE,
		   MAP_SHARED|MAP_FIXED|MAP_POPULATE, fd, 0);

	if (ptr =3D=3D MAP_FAILED)
		handle_error("mmap file - start");

	p =3D ptr;

	for (i =3D 0; i < n_threads; i++) {
		r =3D pthread_create(&threads[i], NULL, thread_funcs[i], =
NULL);
		if (r)
			handle_error("pthread_create");
	}

	// Run the flushing process in a different process, so msync() =
would
	// not require mmap_lock.
	pid =3D fork();
	if (pid =3D=3D 0)
		flushing_process();
	flusher_pid =3D pid;

	sleep(60);

	stop =3D true;
	for (i =3D 0; i < n_threads; i++)
		pthread_join(threads[i], NULL);
	kill(flusher_pid, SIGTERM);
	printf("Finished without an error\n");

	exit(0);
}=