Re: Test case for "mm/thp: carry over dirty bit when thp splits on pmd"

[Peter Xu <peterx@redhat.com>]

[-- Attachment #1: Type: text/plain, Size: 1671 bytes --]

Hi, Anatoly (or/and Hev),

On Wed, Nov 16, 2022 at 01:45:15PM +0300, Anatoly Pugachev wrote:
> On Wed, Nov 16, 2022 at 11:49 AM hev <r@hev.cc> wrote:
> >
> > Hello Peter,
> >
> > I see a random crash issue  on the LoongArch system, that is caused by
> > commit 0ccf7f1 ("mm/thp: carry over dirty bit when thp splits on
> > pmd").
> >
> > Now, the thing is already resolved. The root cause is arch's mkdirty
> > is set hardware writable bit in unconditional. That breaks
> > write-protect and then breaks COW.
> >
> > Here is a simple and fast testcase (It may be helpful for sparc64):
> > https://gist.github.com/heiher/72919fae6b53f04cac606a9631100506
> > (assertion: c sum == 0)
> 
> Just tried on my sparc64 VM -  fixed vs old (non-patched) kernels...
> 
> fixed kernel (6.1.0-rc5) running ./a.out:
> mator@ttip:~$ ./a.out
> c sum: 0
> p sum: 35184372088832
> c sum: 0
> p sum: 35184372088832
> c sum: 0
> p sum: 35184372088832
> c sum: 0
> p sum: 35184372088832
> c sum: 0
> p sum: 35184372088832
> ...
> 
> old (non-patched) kernel (6.1.0-rc4) :
> mator@ttip:~$ ./a.out
> c sum: 35150012350464
> p sum: 35184372088832
> c sum: 35150012350464
> p sum: 35184372088832
> ...

I've got another patch attached that might be nicer to fix this same
problem for both archs but without dropping the dirty bit, could you help
check whether it works?

Hopefully the new patch could replace the other one (624a2c94f5b7 Partly
revert "mm/thp: carry over dirty bit when thp splits on pmd") in Andrew's
tree before it lands next rc1, and this new one should be applicable
directly to e.g. v6.0 tag (or need to have 624a2c94f5b7 reverted if on any
of Andrew's trees).

-- 
Peter Xu

[-- Attachment #2: 0001-mm-thp-Wr-protect-pte-after-mkdirty.patch --]
[-- Type: text/plain, Size: 2490 bytes --]

From e349b24573870ef50d0c1b3bf124e14f5dfe1fa5 Mon Sep 17 00:00:00 2001
From: Peter Xu <peterx@redhat.com>
Date: Mon, 21 Nov 2022 13:36:59 -0500
Subject: [PATCH] mm/thp: Wr-protect pte after mkdirty
Content-type: text/plain

Anatoly Pugachev reported sparc64 breakage on the patch:

https://lore.kernel.org/r/20221021160603.GA23307@u164.east.ru

Hev <r@hev.cc> also reported similar issue on loongarch:

(the original mail was private, but Anatoly copied the list here)
https://lore.kernel.org/r/CADxRZqxqb7f_WhMh=jweZP+ynf_JwGd-0VwbYgp4P+T0-AXosw@mail.gmail.com

Also Hev pointed out that the issue is having HW write bit set within the
pte_mkdirty() so the split pte can be written after split even if e.g. they
were shared by more than one processes, causing data corrupt.

Hev also tried to explain why loongarch set HW write bit in mkdirty:

https://lore.kernel.org/r/CAHirt9itKO_K_HPboXh5AyJtt16Zf0cD73PtHvM=na39u_ztxA@mail.gmail.com

One way to fix it is as what Huacai proposed here for loongarch:

https://lore.kernel.org/r/20221117042532.4064448-1-chenhuacai@loongson.cnn

Or more agressively, not sure whether (IMHO) we can remove the
"optimization" to grant HW write bit in pte_mkdirty() in both archs,
leaving set the write bit only in pte_mkwrite().

For now the simpler solution that'll work for all is we wr-protect after
pte_mkdirty(), so the HW write bit can be persistent after thp split.

Cc: Hev <r@hev.cc>
Cc: Andrew Morton <akpm@linux-foundation.org>
Reported-by: Anatoly Pugachev <matorola@gmail.com>
Signed-off-by: Peter Xu <peterx@redhat.com>
---
 mm/huge_memory.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/mm/huge_memory.c b/mm/huge_memory.c
index e5f5a1a00596..ae90b65f6121 100644
--- a/mm/huge_memory.c
+++ b/mm/huge_memory.c
@@ -2191,13 +2191,18 @@ static void __split_huge_pmd_locked(struct vm_area_struct *vma, pmd_t *pmd,
 			entry = maybe_mkwrite(entry, vma);
 			if (anon_exclusive)
 				SetPageAnonExclusive(page + i);
-			if (!write)
-				entry = pte_wrprotect(entry);
 			if (!young)
 				entry = pte_mkold(entry);
 			/* NOTE: this may set soft-dirty too on some archs */
 			if (dirty)
 				entry = pte_mkdirty(entry);
+			/*
+			 * NOTE: this needs to happen after pte_mkdirty,
+			 * because some archs (sparc64, loongarch) could
+			 * set hw write bit when mkdirty.
+			 */
+			if (!write)
+				entry = pte_wrprotect(entry);
 			if (soft_dirty)
 				entry = pte_mksoft_dirty(entry);
 			if (uffd_wp)
-- 
2.37.3