From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id DB394C25B75 for ; Thu, 30 May 2024 02:56:54 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 70CF06B0098; Wed, 29 May 2024 22:56:54 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 6BCC76B009B; Wed, 29 May 2024 22:56:54 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 586626B009C; Wed, 29 May 2024 22:56:54 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 3B02C6B0098 for ; Wed, 29 May 2024 22:56:54 -0400 (EDT) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id E05D6120911 for ; Thu, 30 May 2024 02:56:53 +0000 (UTC) X-FDA: 82173549906.04.8FA4961 Received: from mail-lj1-f182.google.com (mail-lj1-f182.google.com [209.85.208.182]) by imf22.hostedemail.com (Postfix) with ESMTP id 0A48DC0008 for ; Thu, 30 May 2024 02:56:51 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=a++BSchG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf22.hostedemail.com: domain of huangzhaoyang@gmail.com designates 209.85.208.182 as permitted sender) smtp.mailfrom=huangzhaoyang@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1717037812; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=uKswQv9vOWbij26jBLWYSo21fHi9SD5RXG5TtneGY0w=; b=UdqbvG9gvrIpN5lMuwwNJDQ5aBU7A1z/Ud7aNvEN6DnnQA9TGggeUc6WE1/XbFa/pgczgz SdnVE/EzSjbE4xrUb7IKRgSRU7L8javcMSYVkLS/Z9s5cS7Clb/H08eN2onjK6IL26YHsL 7fuU5pVNF3w4LmSH3Qs23+zNvkNLJe0= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1717037812; a=rsa-sha256; cv=none; b=06OiJHF+HUGrBCt1u1FRs/1mW724/ZKPjXOhpo+RMMO07p8Z+73TkgYsunUM8Ob3c01RQe jpP0h6KEquyLDGhpq6k4TsjIiNSvioqXEoScGL9FBtObhBqCJtL0WEdHwN0+zozk+9JZo1 MYZ8mDd5PMl0sivIp7uL+M5A5/95+SY= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=a++BSchG; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf22.hostedemail.com: domain of huangzhaoyang@gmail.com designates 209.85.208.182 as permitted sender) smtp.mailfrom=huangzhaoyang@gmail.com Received: by mail-lj1-f182.google.com with SMTP id 38308e7fff4ca-2e95a1f9c53so4375231fa.0 for ; Wed, 29 May 2024 19:56:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1717037810; x=1717642610; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=uKswQv9vOWbij26jBLWYSo21fHi9SD5RXG5TtneGY0w=; b=a++BSchGN4fV8Wg5+/ZSACAsaD8QlFGblpdYd6CWwP/AqUpqUAfDgh5CnhkCD0NFkb 6urqSyPkWr47WTGNS447Z892gNxB1q+9QSw6IQ2pPMKctAZlpAGrDJuMsTXKnmtGvEbJ +6r/djdahg5hsHA4jyT4n0ZfGI9JvqgNftZGvu7ASsCBOQbEnVSSND62aUJkaKNCGKd1 +kGxQZ1IilrUc43lgjVYtRdp8z5oyzYavHGPd05bbvzyu0qMoTuSj21hig+BPmt2n9O1 UXd3N5oVn6XPcoMFaz+IKwfZvjnw9LcxEHZoAdL7gpnu6ESxVWqKM08ijxy7L6mHlNxW /8Sw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717037810; x=1717642610; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uKswQv9vOWbij26jBLWYSo21fHi9SD5RXG5TtneGY0w=; b=SCoMjhUR+R7MoOTreO7Oh6CapEBXepdmDB+YaQu4q5OLIr0K0ymYfCJKHRyGLP7foa rrHaU0I1/cu0TDKZJw3TjJGDjXUKEgxNfv8vQVNuvrUl69OQZvgm4PKfCQ3btmn9p4uC kMcD75VZYMpjMm2q2GFpCb04zYQjbOaTlG8cbwYlK+2r190ddjTY2lOb79Zws66JpDh2 x+yAr6en74sx4A00jq9n9q20em6noTnqCtTPWq5hZUHm88oV8r3dHtA2/sCaczMdVw89 H56qlyCgXfin4bHUFwsLkZ2pzkIXp+N4LTx2DWFqvVJJ37liUBCK+65R4KYA7N5vWz0m oB4g== X-Forwarded-Encrypted: i=1; AJvYcCWW6qPL8YpGquweyvCi5SrIqvlBWjIlX4t7sKZvssC/NHvNP5IZjNMzJGQ8yd7TwoEq9akYPcM1HgBXdyPgMs7qd4k= X-Gm-Message-State: AOJu0YzydfcHMRAAbuvUbfi3PGP9R3O9MAsVYm8URh95enSNRwAxspAJ cqRUqPl6vcyqg021eTIh5Hq3SBVbVhCZknuLd31SqxcWScxnf0JXcQiprI4XBhqvis/bdEEwU1g wpk253P5wTr5fYtFj8dxr5QV/2ck= X-Google-Smtp-Source: AGHT+IFHdaPznOOwq25PGPvHah0rs3J8h66WFAhG7pqRuuNSsQIKCVf40+wZoXITYhppyxfdypQ8COsBCyVi/lmTGMM= X-Received: by 2002:a2e:9c91:0:b0:2ea:7def:46d0 with SMTP id 38308e7fff4ca-2ea84782d1dmr3354241fa.9.1717037810182; Wed, 29 May 2024 19:56:50 -0700 (PDT) MIME-Version: 1.0 References: <20240530025144.1570865-1-zhaoyang.huang@unisoc.com> In-Reply-To: <20240530025144.1570865-1-zhaoyang.huang@unisoc.com> From: Zhaoyang Huang Date: Thu, 30 May 2024 10:56:39 +0800 Message-ID: Subject: Re: [PATCH] mm: fix incorrect vbq reference in purge_fragmented_block To: "zhaoyang.huang" , Thomas Gleixner Cc: Andrew Morton , Uladzislau Rezki , Christoph Hellwig , Lorenzo Stoakes , Baoquan He , linux-mm@kvack.org, linux-kernel@vger.kernel.org, steve.kang@unisoc.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Stat-Signature: 9mjdf4ofkxwjuix4bw5db4xpr4kiyyr9 X-Rspamd-Queue-Id: 0A48DC0008 X-Rspam-User: X-Rspamd-Server: rspam01 X-HE-Tag: 1717037811-319917 X-HE-Meta: U2FsdGVkX1+J9CIVKcKSNB0+arZHGTKhPaypkseu/ig2R7A3MXRxYm5xpe3DlqQg1votDUkh4mEryuzFsk3pK7tbdihvrhEK1rZNVF2ZyjcykmbgMmlpCDNQNfp9/eN4wT1haup28cRUb5iIAriTRfT/5Mjf8oUZHtEMCnMXoIgtbDBqXdxloW/VE37JR+Y5T/ydXjHur4PLrZ/L6M27llTXIyGCRHG9SYUwPjsgcS9OFTHfn754c8Lzii4W+VfrH+ZeTInlzhgvXmXXEvAe57omI2Y+CZL9Q/uttVuexLu5SEylVcw5EWw+ICQQnnaGSidZQdlMiwueYX4mprnTDiMVBqgAXg9NYjvp/cjnoCZnUJz4LR+tjRPB0dzb7UHweb3AFrzQJfuDqlcArU7wkGUQla+a5M72nSD6gGw/iBlXnZewMy671Cb7HEWYNU0ajPQLVsl0mu1QWBlaYEECjQUwOjG05d1J6hMpzm6mdi5DDoO9/OFdk08Ex9mPCYP651kISOFZkAL24ALRLzdOLx+8ADPHdQSza6VsFbxLANVSCPFGLcGccpJFs67OTSW4RoPwoxZ3XIfJKzjsyGI/0EI/4XrHVozLfO0GCk6NI8BUHdzSJNtdnMBWRNxfuhDlrlThf/fIieoLem1z9UCS1Q2D7nCplBcy3WFfV8ejCOHZ8WIFw0WB271ufqii5Swk2NBDip5F37k+kLK4vq9Qejecr7U21L2sgyz/+odTxEjwLQn+AmywZwoPjGs+T28DPZbyyPHRJGmHu7faOlyk/7jbl3kHJmRaOffTOep02jM5fW2yN6E6fVfNgR8OJiURqj/9fs0HL345/v5t5dLxTHCYYQKsYd9aPbri89Ty294BKfrHO+/pfh96OFYVAYQVJc7ELT4UWpKhWYN27pjBXHYwMfKDJGnZow1Wvoj4nV5R/Pc7Ley1ljQRpd+IwIqkO3A2V0bG3/23bCC8k47 dB61yMcL CgwCr+8kQRbQjBWb5FaxrHVBOQtJV4GYvdGsnS5E4YqSqkrPd5p9vVhu1MJPctJqxaju2pCI6eE/LIvok1YNVxKltPrtD9gwjZSJk3bPJnUCnZE4NaPaCBHaeX7LdM5AB4S+KtfmWU+Cwe1t+w+NrGrfAX5+FxFuy+kRWcBojI5GuHfygmqo7sjb726b1lZasvFHKDoByvSAWDcSDkFE8vz9ZvqdsiZ7a1DSZrOVrVmfD4NgIIfNGG8BtcHVMgslyzDDAQNOKTub3GPUn3+tZSEVdYvRoYsvHsGujueDLjzCPL2Or3u4G/5CS5hmlxpFrrEhulqjqOLvwodiq0sUfFjub/vslWMaDXTQXr1FK6ik3nUtJwcNN5yqeF1NeMRIJFrGAahWM2SgIHP6Bi3e7iMgQt9PRXCoNft42SvJkc9GwLVL1ET2djsvQTbcZNKijoBcglTXHVfcedmxZm4cfyzjywS75VpzacUph3L4D9jpRPiziyoSYsctJ0A== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: loop Thomas On Thu, May 30, 2024 at 10:52=E2=80=AFAM zhaoyang.huang wrote: > > From: Zhaoyang Huang > > Broken vbq->free reported on a v6.6 based system which is caused > by invalid vbq->lock protect over vbq->free in purge_fragmented_block. > This should be introduced by the Fixes below which ignored vbq->lock > matter. > > Fixes: fc1e0d980037 ("mm/vmalloc: prevent stale TLBs in fully utilized bl= ocks") > > Signed-off-by: Zhaoyang Huang > --- > mm/vmalloc.c | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/mm/vmalloc.c b/mm/vmalloc.c > index 22aa63f4ef63..112b50431725 100644 > --- a/mm/vmalloc.c > +++ b/mm/vmalloc.c > @@ -2614,9 +2614,10 @@ static void free_vmap_block(struct vmap_block *vb) > } > > static bool purge_fragmented_block(struct vmap_block *vb, > - struct vmap_block_queue *vbq, struct list_head *purge_lis= t, > - bool force_purge) > + struct list_head *purge_list, bool force_purge) > { > + struct vmap_block_queue *vbq; > + > if (vb->free + vb->dirty !=3D VMAP_BBMAP_BITS || > vb->dirty =3D=3D VMAP_BBMAP_BITS) > return false; > @@ -2625,6 +2626,8 @@ static bool purge_fragmented_block(struct vmap_bloc= k *vb, > if (!(force_purge || vb->free < VMAP_PURGE_THRESHOLD)) > return false; > > + vbq =3D container_of(addr_to_vb_xa(vb->va->va_start), > + struct vmap_block_queue, vmap_blocks); > /* prevent further allocs after releasing lock */ > WRITE_ONCE(vb->free, 0); > /* prevent purging it again */ > @@ -2664,7 +2667,7 @@ static void purge_fragmented_blocks(int cpu) > continue; > > spin_lock(&vb->lock); > - purge_fragmented_block(vb, vbq, &purge, true); > + purge_fragmented_block(vb, &purge, true); > spin_unlock(&vb->lock); > } > rcu_read_unlock(); > @@ -2801,7 +2804,7 @@ static void _vm_unmap_aliases(unsigned long start, = unsigned long end, int flush) > * not purgeable, check whether there is dirty > * space to be flushed. > */ > - if (!purge_fragmented_block(vb, vbq, &purge_list,= false) && > + if (!purge_fragmented_block(vb, &purge_list, fals= e) && > vb->dirty_max && vb->dirty !=3D VMAP_BBMAP_BI= TS) { > unsigned long va_start =3D vb->va->va_sta= rt; > unsigned long s, e; > -- > 2.25.1 >