From: Qi Zheng
Date: Tue, 11 Feb 2025 17:29:57 +0800
Subject: Re: [REGRESSION] NULL pointer dereference on ARM (AT91SAM9G25) during compaction
To: David Hildenbrand
Cc: "Russell King (Oracle)", Ezra Buehler, linux-mm@kvack.org, Andrew Morton, "Mike Rapoport (Microsoft)", Muchun Song, Vlastimil Babka, Ryan Roberts, "Vishal Moola (Oracle)", Hugh Dickins, Matthew Wilcox, Peter Xu, Nicolas Ferre, Alexandre Belloni, Claudiu Beznea, open list, linux-arm-kernel@lists.infradead.org
Message-ID: <3f7babee-b232-4e6b-a896-947150dcd1ef@bytedance.com>
In-Reply-To: <34bcf011-b4ac-479c-92ce-852623e73039@redhat.com>
References: <5d50d714-197f-44c0-94e0-ff70ee51e866@bytedance.com> <34bcf011-b4ac-479c-92ce-852623e73039@redhat.com>

On 2025/2/11 17:14, David Hildenbrand wrote:
> On 11.02.25 04:45, Qi Zheng wrote:
>> Hi Russell,
>>
>> On 2025/2/11 01:03, Russell King (Oracle) wrote:
>>> On Mon, Feb 10, 2025 at 05:49:38PM +0100, Ezra Buehler wrote:
>>>> When running vanilla Linux 6.13 or newer (6.14-rc2) on the
>>>> AT91SAM9G25-based GARDENA smart Gateway, we are seeing a NULL pointer
>>>> dereference resulting in a kernel panic. The culprit seems to be commit
>>>> fc9c45b71f43 ("arm: adjust_pte() use pte_offset_map_rw_nolock()").
>>>> Reverting the commit apparently fixes the issue.
>>>
>>> The blamed commit is buggy:
>>>
>>> arch/arm/include/asm/tlbflush.h:
>>> #define update_mmu_cache(vma, addr, ptep) \
>>>           update_mmu_cache_range(NULL, vma, addr, ptep, 1)
>>>
>>> So vmf can be NULL. This didn't used to matter before this commit,
>>> because vmf was not used by ARM's update_mmu_cache_range(). However,
>>> the commit introduced a dereference of it, which now causes a NULL
>>> pointer dereference.
>>>
>>> Not sure what the correct solution is, but at a guess, both:
>>>
>>>     if (ptl != vmf->ptl)
>>>
>>> need to become:
>>>
>>>     if (!vmf || ptl != vmf->ptl)
>>
>> No, we can't do that, because without using split PTE locks, we would
>> use shared mm->page_table_lock, which would create a deadlock.
>
> Maybe we can simply special-case on CONFIG_SPLIT_PTE_PTLOCKS ?
>
> if (IS_ENABLED(CONFIG_SPLIT_PTE_PTLOCKS)) {

In this case, if two vmas map the same PTE page, then the same PTE lock
will be held repeatedly. Right? This seems to be a problem that existed
before commit fc9c45b71f43 ("arm: adjust_pte() use
pte_offset_map_rw_nolock()").

>
> ...
> }
>
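
The two lock checks quoted in this thread, modelled in user-space C as an added illustration; this is not kernel code and not code from any participant. The `struct lock`, `struct fault`, `enum outcome` and helper names are hypothetical, and the model assumes the caller already holds the PTE lock of the faulting page (`held`) when the check runs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* User-space stand-ins (hypothetical names); a lock is identified by its address. */
struct lock { int id; };
struct fault { struct lock *ptl; };  /* models only the vmf->ptl field */
enum outcome { SKIP_LOCK, TAKE_LOCK, NULL_DEREF, SELF_DEADLOCK };

/* Taking a non-recursive lock the caller already holds never returns. */
static enum outcome take(struct lock *ptl, struct lock *held)
{
    return ptl == held ? SELF_DEADLOCK : TAKE_LOCK;
}

/* Check quoted from the blamed commit: if (ptl != vmf->ptl) */
enum outcome blamed_check(struct fault *vmf, struct lock *ptl, struct lock *held)
{
    if (!vmf)                 /* update_mmu_cache() passes NULL here */
        return NULL_DEREF;
    return ptl != vmf->ptl ? take(ptl, held) : SKIP_LOCK;
}

/* Check proposed in the thread: if (!vmf || ptl != vmf->ptl) */
enum outcome proposed_check(struct fault *vmf, struct lock *ptl, struct lock *held)
{
    return (!vmf || ptl != vmf->ptl) ? take(ptl, held) : SKIP_LOCK;
}

/* Lock guarding a PTE page: per page with split PTE locks, otherwise the
 * single shared mm->page_table_lock. */
struct lock *pte_lock(bool split, struct lock *mm_lock, struct lock *page_lock)
{
    return split ? page_lock : mm_lock;
}

int main(void)
{
    struct lock mm = {0}, a = {1}, b = {2};   /* constructed sample state */
    /* No split locks: both PTE pages resolve to the lock already held. */
    struct lock *held = pte_lock(false, &mm, &a);
    struct lock *other = pte_lock(false, &mm, &b);
    printf("blamed, vmf=NULL:   %d\n", blamed_check(NULL, other, held));
    printf("proposed, vmf=NULL: %d\n", proposed_check(NULL, other, held));
    return 0;
}
```

With split locks and two distinct PTE pages the proposed check takes the second lock safely; when both mappings share one PTE page it hits the same self-deadlock, which is the case raised in the reply above.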