From: Dev Jain <dev.jain@arm.com>
To: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>,
David Hildenbrand <david@redhat.com>
Cc: akpm@linux-foundation.org, ryan.roberts@arm.com,
willy@infradead.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, catalin.marinas@arm.com,
will@kernel.org, Liam.Howlett@oracle.com, vbabka@suse.cz,
jannh@google.com, anshuman.khandual@arm.com, peterx@redhat.com,
joey.gouly@arm.com, ioworker0@gmail.com, baohua@kernel.org,
kevin.brodsky@arm.com, quic_zhenhuah@quicinc.com,
christophe.leroy@csgroup.eu, yangyicong@hisilicon.com,
linux-arm-kernel@lists.infradead.org, hughd@google.com,
yang@os.amperecomputing.com, ziy@nvidia.com
Subject: Re: [PATCH v2 6/7] mm: Batch around can_change_pte_writable()
Date: Wed, 30 Apr 2025 11:14:18 +0530 [thread overview]
Message-ID: <c7629a41-4069-4206-ae70-ec145a70fc67@arm.com> (raw)
In-Reply-To: <7cf8235e-21f7-4643-82c4-82ad57d99b98@lucifer.local>
On 29/04/25 7:27 pm, Lorenzo Stoakes wrote:
> On Tue, Apr 29, 2025 at 11:27:43AM +0200, David Hildenbrand wrote:
>> On 29.04.25 11:19, David Hildenbrand wrote:
>>>
>>>> #include "internal.h"
>>>> -bool can_change_pte_writable(struct vm_area_struct *vma, unsigned long addr,
>>>> - pte_t pte)
>>>> +bool can_change_ptes_writable(struct vm_area_struct *vma, unsigned long addr,
>>>> + pte_t pte, struct folio *folio, unsigned int nr)
>>>> {
>>>> struct page *page;
>>>> @@ -67,8 +67,9 @@ bool can_change_pte_writable(struct vm_area_struct *vma, unsigned long addr,
>>>> * write-fault handler similarly would map them writable without
>>>> * any additional checks while holding the PT lock.
>>>> */
>>>> - page = vm_normal_page(vma, addr, pte);
>>>> - return page && PageAnon(page) && PageAnonExclusive(page);
>>>> + if (!folio)
>>>> + folio = vm_normal_folio(vma, addr, pte);
>>>> + return folio_test_anon(folio) && !folio_maybe_mapped_shared(folio);
>>>
>>> Oh no, now I spot it. That is horribly wrong.
>>>
>>> Please understand first what you are doing.
>>
>> Also, would expect that the cow.c selftest would catch that:
>>
>> "vmsplice() + unmap in child with mprotect() optimization"
>>
>> After fork() we have a R/O PTE in the parent. Our child then uses vmsplice()
>> and unmaps the R/O PTE, meaning it is only left mapped by the parent.
>>
>> ret = mprotect(mem, size, PROT_READ);
>> ret |= mprotect(mem, size, PROT_READ|PROT_WRITE);
>>
>> should turn the PTE writable, although it shouldn't.
>
> This makes me concerned about the stability of this series as a whole...
>
>>
>> If that test case does not detect the issue you're introducing, we should
>> look into adding a test case that detects it.
>
> There are 25 tests that fail for the cow self-test with this series
> applied:
>
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with base page
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (16 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (16 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (16 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (32 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (32 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (32 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (64 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (64 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (64 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (128 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (128 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (128 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (256 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (256 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (256 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (512 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (512 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (512 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (1024 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (1024 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (1024 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with PTE-mapped THP (2048 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with single PTE of THP (2048 kB)
> # [RUN] vmsplice() + unmap in child with mprotect() optimization ... with partially shared THP (2048 kB)
>
>
> Dev, please take a little more time to test your series :) the current
> patch set doesn't compile and needs fixes applied to do so, and we're at
> v2, and you've clearly not run self-tests as these also fail.
>
> Please ensure you do a smoke test and check compilation before sending out,
> as well as running self tests also.
Apologies, I over-confidently skipped over selftests, and didn't build
for x86 :( Shall take care.
>
> Thanks, Lorenzo
>
>>
>> --
>> Cheers,
>>
>> David / dhildenb
>>
next prev parent reply other threads:[~2025-04-30 5:44 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-04-29 5:23 [PATCH v2 0/7] Optimize mprotect for large folios Dev Jain
2025-04-29 5:23 ` [PATCH v2 1/7] mm: Refactor code in mprotect Dev Jain
2025-04-29 6:41 ` Anshuman Khandual
2025-04-29 6:54 ` Dev Jain
2025-04-29 11:00 ` Lorenzo Stoakes
2025-04-29 5:23 ` [PATCH v2 2/7] mm: Optimize mprotect() by batch-skipping PTEs Dev Jain
2025-04-29 7:14 ` Anshuman Khandual
2025-04-29 8:59 ` Dev Jain
2025-04-29 13:19 ` Lorenzo Stoakes
2025-04-30 6:37 ` Dev Jain
2025-04-30 13:18 ` Ryan Roberts
2025-04-30 13:36 ` Lorenzo Stoakes
2025-04-29 5:23 ` [PATCH v2 3/7] mm: Add batched versions of ptep_modify_prot_start/commit Dev Jain
2025-04-29 8:39 ` Anshuman Khandual
2025-04-29 9:01 ` Dev Jain
2025-04-29 13:52 ` Lorenzo Stoakes
2025-04-30 6:25 ` Dev Jain
2025-04-30 14:37 ` Lorenzo Stoakes
2025-05-06 14:30 ` David Hildenbrand
2025-05-06 15:03 ` Lorenzo Stoakes
2025-04-30 14:09 ` Ryan Roberts
2025-04-30 14:34 ` Lorenzo Stoakes
2025-05-01 11:33 ` Ryan Roberts
2025-05-01 12:58 ` Lorenzo Stoakes
2025-05-06 14:28 ` David Hildenbrand
2025-04-30 5:35 ` kernel test robot
2025-04-30 5:45 ` kernel test robot
2025-04-30 14:16 ` Ryan Roberts
2025-04-29 5:23 ` [PATCH v2 4/7] arm64: Add batched version of ptep_modify_prot_start Dev Jain
2025-04-30 5:43 ` Anshuman Khandual
2025-04-30 5:49 ` Dev Jain
2025-04-30 6:14 ` Anshuman Khandual
2025-04-30 6:32 ` Dev Jain
2025-04-29 5:23 ` [PATCH v2 5/7] arm64: Add batched version of ptep_modify_prot_commit Dev Jain
2025-04-29 5:23 ` [PATCH v2 6/7] mm: Batch around can_change_pte_writable() Dev Jain
2025-04-29 9:15 ` David Hildenbrand
2025-04-29 9:19 ` David Hildenbrand
2025-04-29 9:27 ` David Hildenbrand
2025-04-29 13:57 ` Lorenzo Stoakes
2025-04-29 14:00 ` David Hildenbrand
2025-04-30 5:44 ` Dev Jain [this message]
2025-05-06 9:16 ` Dev Jain
2025-05-06 14:34 ` David Hildenbrand
2025-04-30 6:17 ` kernel test robot
2025-04-29 5:23 ` [PATCH v2 7/7] mm: Optimize mprotect() through PTE-batching Dev Jain
2025-04-29 7:06 ` [PATCH v2 0/7] Optimize mprotect for large folios Lance Yang
2025-04-29 9:02 ` Dev Jain
2025-04-29 10:41 ` Lorenzo Stoakes
2025-04-30 5:42 ` Dev Jain
2025-04-30 6:22 ` Lance Yang
2025-04-30 7:07 ` Dev Jain
2025-04-29 11:03 ` Lorenzo Stoakes
2025-04-29 14:02 ` David Hildenbrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c7629a41-4069-4206-ae70-ec145a70fc67@arm.com \
--to=dev.jain@arm.com \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=anshuman.khandual@arm.com \
--cc=baohua@kernel.org \
--cc=catalin.marinas@arm.com \
--cc=christophe.leroy@csgroup.eu \
--cc=david@redhat.com \
--cc=hughd@google.com \
--cc=ioworker0@gmail.com \
--cc=jannh@google.com \
--cc=joey.gouly@arm.com \
--cc=kevin.brodsky@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=peterx@redhat.com \
--cc=quic_zhenhuah@quicinc.com \
--cc=ryan.roberts@arm.com \
--cc=vbabka@suse.cz \
--cc=will@kernel.org \
--cc=willy@infradead.org \
--cc=yang@os.amperecomputing.com \
--cc=yangyicong@hisilicon.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox