Message-ID: <3b4dccf8dfbfb5a9d7c07a745c48a96164fbf19a.camel@web.de>
Subject: Re: [PATCH v8 14/21] mm/mmap: Avoid zeroing vma tree in mmap_region()
From: Bert Karwatzki
To: Lorenzo Stoakes
Cc: "Liam R. Howlett", Andrew Morton, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Date: Wed, 16 Oct 2024 12:28:51 +0200
In-Reply-To: <02217d08-bc08-4ffe-8e63-07878561f9b7@lucifer.local>
References: <20241013223601.3823-1-spasswolf@web.de> <02217d08-bc08-4ffe-8e63-07878561f9b7@lucifer.local>

On Monday, 14.10.2024 at 10:46 +0100, Lorenzo Stoakes wrote:
> On Mon, Oct 14, 2024 at 12:35:59AM +0200, Bert Karwatzki wrote:
> > I created a program which can trigger the bug on newer kernel (after the
> > "Avoid zeroing vma tree in mmap_region()" patch and before the fix).
> > My original goal was to trigger the bug on older kernels,
> > but that does not work, yet.
> >
> > Bert Karwatzki
>
> Thanks, that's great!
>
> For older kernels the problem should still be present, the fundamental
> thing that changed from the point of view of this bug is that merge won't
> contribute to the number of VMAs being overwritten at once.
>
> To trigger prior to commit f8d112a4e657 ("mm/mmap: avoid zeroing vma tree
> in mmap_region()") you would need to create a situation where the _clear_
> triggers the bug, i.e. you must constitute all the VMAs that are being
> overwritten by the store from existing VMAs you are overwriting with a
> MAP_FIXED.
>
> So some tweaks should get you there...
>
>
I don't think triggering the bug on a clear works, because a write of a %NULL
that will cause a node to end with a %NULL becomes a spanning write into the
next node:

/*
 * mas_is_span_wr() - Check if the write needs to be treated as a write that
 * spans the node.
 * @mas: The maple state
 * @piv: The pivot value being written
 * @type: The maple node type
 * @entry: The data to write
 *
 * Spanning writes are writes that start in one node and end in another OR if
 * the write of a %NULL will cause the node to end with a %NULL.
 *
 * Return: True if this is a spanning write, false otherwise.
 */
static bool mas_is_span_wr(struct ma_wr_state *wr_mas)
{

I think the could would trigger in this situation

           Node_0
           /
          /
       Node_1
       /    \
      /      \
  Node_2    Node_3

but only if Node_3 contained only two ranges, one empty range and one normal
range, and if the mmap into empty range of Node_3 would merge with the last
range of Node_2 and the last range of Node_3. But I think the rebalancing of
the tree will make it very hard if not impossible to create such a node.

Bert Karwatzki
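
Added example, not part of the original message or of the kernel source: a toy C model of the two conditions in the mas_is_span_wr() comment quoted above, showing that a NULL store (a clear) ending exactly at a node's maximum is classified as spanning while a non-NULL store over the same range is not. The toy_* names, the two-leaf layout and the ULONG_MAX exemption are assumptions of this model.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Toy leaf: covers indices [min, max]; real maple nodes hold pivots/slots. */
struct toy_leaf { unsigned long min, max; };

/* Constructed layout: two adjacent leaves, the second ends the index space. */
static const struct toy_leaf toy_leaves[] = {
	{ 0x0000, 0x4fff },
	{ 0x5000, ULONG_MAX },
};

/* Find the leaf in which a store beginning at 'first' starts. */
static const struct toy_leaf *toy_find_leaf(unsigned long first)
{
	for (size_t i = 0; i < sizeof(toy_leaves) / sizeof(toy_leaves[0]); i++)
		if (first >= toy_leaves[i].min && first <= toy_leaves[i].max)
			return &toy_leaves[i];
	return NULL;
}

/*
 * Model of the two conditions in the mas_is_span_wr() comment:
 *   1. the store starts in one node and ends in another, or
 *   2. a NULL store ends exactly at the node's max, leaving a trailing NULL.
 * Assumption of this model: a NULL store ending at ULONG_MAX is exempt from
 * condition 2, because no following node exists.
 */
static bool toy_is_span_wr(unsigned long first, unsigned long last,
			   const void *entry)
{
	const struct toy_leaf *leaf = toy_find_leaf(first);

	if (!leaf || last < leaf->max)
		return false;	/* contained in the starting node */
	if (last > leaf->max)
		return true;	/* condition 1 */
	return entry == NULL && last != ULONG_MAX;	/* condition 2 */
}

int main(void)
{
	int vma;	/* stand-in for any non-NULL entry */

	printf("store inside leaf 0:    %d\n", toy_is_span_wr(0x1000, 0x2fff, &vma));
	printf("store up to leaf 0 max: %d\n", toy_is_span_wr(0x3000, 0x4fff, &vma));
	printf("clear up to leaf 0 max: %d\n", toy_is_span_wr(0x3000, 0x4fff, NULL));
	printf("store across leaves:    %d\n", toy_is_span_wr(0x3000, 0x5fff, &vma));
	printf("clear up to ULONG_MAX:  %d\n", toy_is_span_wr(0x6000, ULONG_MAX, NULL));
	return 0;
}
```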