From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 09940C83F22 for ; Wed, 16 Jul 2025 17:44:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id A3B5A6B007B; Wed, 16 Jul 2025 13:44:24 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id A12EA6B0092; Wed, 16 Jul 2025 13:44:24 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 928916B0089; Wed, 16 Jul 2025 13:44:24 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 7F2F46B00AD for ; Wed, 16 Jul 2025 13:44:24 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 57EBE10FE8C for ; Wed, 16 Jul 2025 17:44:24 +0000 (UTC) X-FDA: 83670852048.29.CC6B9D3 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf25.hostedemail.com (Postfix) with ESMTP id 2C01FA0006 for ; Wed, 16 Jul 2025 17:44:20 +0000 (UTC) Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=UhEIap5O; dmarc=pass (policy=quarantine) header.from=redhat.com; spf=pass (imf25.hostedemail.com: domain of luizcap@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=luizcap@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1752687862; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=gz0sK/5v9SZNPL4ZcHETgu2NgiRODS/MSlGwinGMW78=; b=2MUNo9p4tGcpUywbDNPx7KVkM8C7a2FrE9BIx5TmfwuV23z0STf93f7XY2B5OWyWbcyYgq /Owozl8ntC2ewoQS1jRSCw9RuFA/MwDiO5Em/B/1+yP3D6NDo9H3jKBxvhzSVxj1Dl2VSK JJWrdov9VslIaQ7uzRMEEWvr2rloWAY= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1752687862; a=rsa-sha256; cv=none; b=1yuExC5Cr8sf0ba9aeXOJVTxKmpYTRlyLXQZhbA7OLmyfD+gFM2uINqRzOAx0RNrBCKH65 LSurMrTpt8jDfZ8tZvrdNIkajpob017VhhQFLZ/FV3JYgkBHkHrKS7EgMGUIFM60t18kEa bX2cGP3os/l+kFgnR6yrQ3SrOlYlk/U= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=UhEIap5O; dmarc=pass (policy=quarantine) header.from=redhat.com; spf=pass (imf25.hostedemail.com: domain of luizcap@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=luizcap@redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1752687859; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=gz0sK/5v9SZNPL4ZcHETgu2NgiRODS/MSlGwinGMW78=; b=UhEIap5OCdaT8JGQ3ZdywvmNnpirca0lul2QN/Q/KcX4LLkszaXH2QESB7yqkzDM1WCxjf QgqcXxR27WIj7fLfzFOdu5ip0MrI6evMPRR0wr4cxzp0fQfFKSrpiRTfX0fsWY5hJ4F6Z3 9FRa+qBb3o7u6uUESES3scCTnq3RUOA= Received: from mail-qt1-f198.google.com (mail-qt1-f198.google.com [209.85.160.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-307-gQ1DEl9VPXWrFxbdppwvPA-1; Wed, 16 Jul 2025 13:41:32 -0400 X-MC-Unique: gQ1DEl9VPXWrFxbdppwvPA-1 X-Mimecast-MFC-AGG-ID: gQ1DEl9VPXWrFxbdppwvPA_1752687691 Received: by mail-qt1-f198.google.com with SMTP id d75a77b69052e-4ab5d8797ecso2511711cf.2 for ; Wed, 16 Jul 2025 10:41:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1752687691; x=1753292491; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=gz0sK/5v9SZNPL4ZcHETgu2NgiRODS/MSlGwinGMW78=; b=lPgzMcn0MBVSDwjBeIes0Gzn8GjLAYbnz2s6Sy2ubB4vRQt2NmqDMOuRY/hFzw/A7m HMHwyd/nukWuByyh7RoC6v521hr+Uy65yJOaPXLz0bufQZYjn9MfI/V0U/Awb+fMvbsF /wMq8TrjonnVb1SPDy/tBrSMB6eY0G7AYzxuNLckOE0zFAA8Fm4yOctD7nbGl6B8RKxV 7cpJuTfqcCwdaI49C0Cr2wFgs4KbPzE2Ue9q2UT66RT9qjbR0g5vYUo+CeIlo8zL8Xqu iMQyX+/jeaaUovo0etP1EBjWxRv5/XLNxROytx9PIXDhQOpP8pex3sjzTWnpOdKc44zV Jebg== X-Forwarded-Encrypted: i=1; AJvYcCVov0wB56k6zllmaLPbKd0CRh0TW6IryBiEi+hmlPdl3Z4zlz5JP1CdBocbcplP1gRpKMxSZWDw+w==@kvack.org X-Gm-Message-State: AOJu0YxKHX7rxW6mnPcxdtbHCto+PIbKoWBFDx0aKSDagj7UNHItxwcx 5mqNaRqZDXdooi3zrkMe0LYmkYt3Gzfk9OaxLXBODXltkpaFFhLiC4N9p1qzS0EvTfrLT+MIFR8 5VFD/WbbSCQ7LOeBPyG2pGUSl76tPDgWKuhefvDdG1J2/LGuSp6EvDVNae+S9Q8o= X-Gm-Gg: ASbGncttF3PARPsdeODeqej7ltP7WG5yVkNI0lxZ0LBjxEBH9IZ70FP3mSK7gmKF5cP EkwbkUdzn6V1BNYXJblDTqHElqvsphQJLpn2jlgYmAfmQ1qnrobMhnAHKwerWGfah67X1j+qHOI V5C3WFlg9wMW79kGfxN3kN4e5nLKiGtLvMaIaFguD5fzyCcK/XWc6eCaRZHX3/REjJtH5We+qW7 lFa2LWNM8xP36kovh+LOuxNAFj4kHLABlMJl913ArKHCe8gp+8dEiTceZBKh8oFbeTDhMJxse5Y RRYiF6Kaxk6JN05DSoeJPhutqqRMnoIhYxSj4UU3Mau2QgBbnRF4DBQysiPnPC0eXIwcInyla2r 0mAW3wdaz3ZKy6RWOP9KnPIqnVt8= X-Received: by 2002:a05:622a:5a8c:b0:4ab:9586:bdd7 with SMTP id d75a77b69052e-4ab9586c4b7mr46458751cf.54.1752687691185; Wed, 16 Jul 2025 10:41:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFwFG92bZhz3XcuCPtvH+cLYhqDTsLqOnZ1eUKRT/LVywceMAdoG9EQQQ3i3wdnFWaFOVESTQ== X-Received: by 2002:a05:622a:5a8c:b0:4ab:9586:bdd7 with SMTP id d75a77b69052e-4ab9586c4b7mr46458171cf.54.1752687690487; Wed, 16 Jul 2025 10:41:30 -0700 (PDT) Received: from [192.168.2.110] (bras-base-aylmpq0104w-grc-59-70-29-229-84.dsl.bell.ca. [70.29.229.84]) by smtp.gmail.com with ESMTPSA id d75a77b69052e-4ab6a00c48fsm37096711cf.10.2025.07.16.10.41.29 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 16 Jul 2025 10:41:30 -0700 (PDT) Message-ID: <16a6a7c6-518a-4558-a8aa-698e24f2e189@redhat.com> Date: Wed, 16 Jul 2025 13:41:20 -0400 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3 3/4] proc: kpagecount: use snapshot_page() To: David Hildenbrand , willy@infradead.org, akpm@linux-foundation.org Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org, shivankg@amd.com, sj@kernel.org, harry.yoo@oracle.com References: <1c05cc725b90962d56323ff2e28e9cc3ae397b68.1752499009.git.luizcap@redhat.com> From: Luiz Capitulino In-Reply-To: X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: Q61d6EoRQnha5a6hBHHj3Dg5jtQPEkEkEIDP7ZOEurQ_1752687691 X-Mimecast-Originator: redhat.com Content-Language: en-US, en-CA Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Stat-Signature: bgpeidzki5obhe3njbaurrwu9ddmjrj6 X-Rspamd-Queue-Id: 2C01FA0006 X-Rspamd-Server: rspam10 X-Rspam-User: X-HE-Tag: 1752687860-12495 X-HE-Meta: U2FsdGVkX1+V/qt/6uGZWpzf7x8/zAnnyJNgUxFn0xPsIiYqYNe5hgOpWOVvquMi0FYuLdDlTKNgtFb9nQqf9t+Jk8gneZ3MK86bnstSMnr6lC9urmxrGx7s00bjOM1t70C4LDh/og5tHgS093AVNZgw72deEZqtUE1YbYsef2PbKLTS24gh8sUYtpflMg/uz5/3b/mrrJfFZEFjU5GIEl4E3T3HBqmb328+IgD2oa22ZGjq9R2Id4jKoB/uPBYlI+rKScyFs85ltdfwZxDNOVgsDcO/Ml+m+E9BcGboRFNlojsbY04i7jW+Djp6dbYk1ThOxyhaAP4bl5yYTpiRWHGcww/NK6hgubkIJV4tkUSm1ErkJFQXQMvVEa+L3KM06W122RX/ObPbRW9r0X/4Ywoq2iReFb8nt+RWbcjlb8vB0gwQlDD1AomF3STxvKKUlXpABYSo1Gcqo4VjJuNbdBlRGtqzaH5hyEvV72HPH24UvzVfudayYmYk2rzDu8SDZTtVYPqvMrnoBSzobssCjinMPTG+NBDyrYjhhsVaKa5pgQJMIpa+AAUcb6t39o/V3QZVkTgmUsCUolJ4TiLN7dsnTjyI6iOBcFZAraLlw7HSxNEmTYSvGGsGelXx5rmzuvY9tikuPriU0V7c5ZhzPzySskpLPUM3jJTpGGPaJi9xYJsJtFSqVjagq33A47y+DV8V82QgGRiOfrinFBsJivZx1czfDOQI05OR0j/tmwrN6ml5+CdN7lWFqvJy7DC6dm1CmlQZXj1oV21RlL96QcakvpuB+P/rxOTvLQRydlExjG5jvmIXm7bpyo24u4X/iXFMpe6ayLN368ZwN59tr+xvgDxbvfUuQHWm5TRKNI+pbOM+XBwc7s/exr1rOAhyL8tiG2PbS6rsd953UMxbLw3izS7QW6QhtSbzzWwhxf2mEFotOQhPk2Fh67IaETUq8/ii/kqhc/Is0Nhsafz NfPpzXP6 AZFtAFtAS5gc/WZO0rt/5tz9YmciDkeCeOjIBdyt4/qtNXX84Lp1UjncCGf2kHzqn3SOVRU3IdHPfCghqIwBRVrpykIYjz3PeiFyxfsNd/jQUi8ghcPUhTONqwJCk9+pHb9AjwXsHUmvWj8s9h4sHXutQIIlCyIPtfTwLx/MF8UFCZyNHOvglb511RqRopbMKtBwAHeHZ89Ex4Iqx2CFVyCYGlTDtgouRJD5dREcULUauTIijE1bOQ1VJ3q2FCir1GNDcV1PM2UvhcyvvBtT9Q2kPk54QUf9gvG0YJnADMb+6f6kRqZT4+PKo+SQleFYZhOOXYZkwnGtogszKm5qRhTQ2YGsd0mYQZHD4e3NmuK8xdt0WiraGjLdPlxbYDfvPh7gFkbgnqANO47nbVrDIzezjlZgTP5RsVLmJIWqLKqrDPhjEaxLRV5039Hs7AlYn4cW+Ch3pNkKqHqrd+9O5as5oGy1VI8mmVWeYddbcXZhbvBvz2pXocqnV9FgddSySLSFo027JnA52u5tnRHNESnMN6WMvMaRx0yVd4wpAJAdobsSby+r+YMr9dLhAbju/dbWQRi3oq81SIU3yoL7cF5QxApCdQbjGmrJRKE+pwH4o51TqFkxVsKAuuPLOV7f7MbeEdMvm683Ev2gWgng6Q3aMCVN9HGXqBf4XZ9iKy7eldJMQTIULeTfUOA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 2025-07-16 06:17, David Hildenbrand wrote: > On 14.07.25 15:16, Luiz Capitulino wrote: >> Currently, the call to folio_precise_page_mapcount() from kpage_read() >> can race with a folio split. When the race happens we trigger a >> VM_BUG_ON_FOLIO() in folio_entire_mapcount() (see splat below). >> >> This commit fixes this race by using snapshot_page() so that we >> retrieve the folio mapcount using a folio snapshot. >> >> [ 2356.558576] page: refcount:1 mapcount:1 mapping:0000000000000000 index:0xffff85200 pfn:0x6f7c00 >> [ 2356.558748] memcg:ffff000651775780 >> [ 2356.558763] anon flags: 0xafffff60020838(uptodate|dirty|lru|owner_2|swapbacked|node=1|zone=2|lastcpupid=0xfffff) >> [ 2356.558796] raw: 00afffff60020838 fffffdffdb5d0048 fffffdffdadf7fc8 ffff00064c1629c1 >> [ 2356.558817] raw: 0000000ffff85200 0000000000000000 0000000100000000 ffff000651775780 >> [ 2356.558839] page dumped because: VM_BUG_ON_FOLIO(!folio_test_large(folio)) >> [ 2356.558882] ------------[ cut here ]------------ >> [ 2356.558897] kernel BUG at ./include/linux/mm.h:1103! >> [ 2356.558982] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP >> [ 2356.564729] CPU: 8 UID: 0 PID: 1864 Comm: folio-split-rac Tainted: G S W 6.15.0+ #3 PREEMPT(voluntary) >> [ 2356.566196] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN >> [ 2356.566814] Hardware name: Red Hat KVM, BIOS edk2-20241117-3.el9 11/17/2024 >> [ 2356.567684] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) >> [ 2356.568563] pc : kpage_read.constprop.0+0x26c/0x290 >> [ 2356.569605] lr : kpage_read.constprop.0+0x26c/0x290 >> [ 2356.569992] sp : ffff80008fb739b0 >> [ 2356.570263] x29: ffff80008fb739b0 x28: ffff00064aa69580 x27: 00000000ff000000 >> [ 2356.570842] x26: 0000fffffffffff8 x25: ffff00064aa69580 x24: ffff80008fb73ae0 >> [ 2356.571411] x23: 0000000000000001 x22: 0000ffff86c6e8b8 x21: 0000000000000008 >> [ 2356.571978] x20: 00000000006f7c00 x19: 0000ffff86c6e8b8 x18: 0000000000000000 >> [ 2356.572581] x17: 3630303066666666 x16: 0000000000000003 x15: 0000000000001000 >> [ 2356.573217] x14: 00000000ffffffff x13: 0000000000000004 x12: 00aaaaaa00aaaaaa >> [ 2356.577674] x11: 0000000000000000 x10: 00aaaaaa00aaaaaa x9 : ffffbf3afca6c300 >> [ 2356.578332] x8 : 0000000000000002 x7 : 0000000000000001 x6 : 0000000000000001 >> [ 2356.578984] x5 : ffff000c79812408 x4 : 0000000000000000 x3 : 0000000000000000 >> [ 2356.579635] x2 : 0000000000000000 x1 : ffff00064aa69580 x0 : 000000000000003e >> [ 2356.580286] Call trace: >> [ 2356.580524] kpage_read.constprop.0+0x26c/0x290 (P) >> [ 2356.580982] kpagecount_read+0x28/0x40 >> [ 2356.581336] proc_reg_read+0x38/0x100 >> [ 2356.581681] vfs_read+0xcc/0x320 >> [ 2356.581992] ksys_read+0x74/0x118 >> [ 2356.582306] __arm64_sys_read+0x24/0x38 >> [ 2356.582668] invoke_syscall+0x70/0x100 >> [ 2356.583022] el0_svc_common.constprop.0+0x48/0xf8 >> [ 2356.583456] do_el0_svc+0x28/0x40 >> [ 2356.583930] el0_svc+0x38/0x118 >> [ 2356.584328] el0t_64_sync_handler+0x144/0x168 >> [ 2356.584883] el0t_64_sync+0x19c/0x1a0 >> [ 2356.585350] Code: aa0103e0 9003a541 91082021 97f813fc (d4210000) >> [ 2356.586130] ---[ end trace 0000000000000000 ]--- >> [ 2356.587377] note: folio-split-rac[1864] exited with irqs disabled >> [ 2356.588050] note: folio-split-rac[1864] exited with preempt_count 1 >> >> Reported-by: syzbot+3d7dc5eaba6b932f8535@syzkaller.appspotmail.com >> Closes: https://lore.kernel.org/all/67812fbd.050a0220.d0267.0030.GAE@google.com/ >> Signed-off-by: Luiz Capitulino >> --- >> fs/proc/page.c | 21 +++++++++++++++++---- >> 1 file changed, 17 insertions(+), 4 deletions(-) >> >> diff --git a/fs/proc/page.c b/fs/proc/page.c >> index 999af26c7298..936f8bbe5a6f 100644 >> --- a/fs/proc/page.c >> +++ b/fs/proc/page.c >> @@ -43,6 +43,22 @@ static inline unsigned long get_max_dump_pfn(void) >> #endif >> } >> +static u64 get_kpage_count(const struct page *page) >> +{ >> + struct page_snapshot ps; >> + u64 ret; >> + >> + snapshot_page(&ps, page); > > Curious, if the snapshot is not faithful, maybe we simply want to return 0 or sth. like that? I chose the flag because it's not exactly that the snapshot failed as it tries to return something. But it's not a big deal to return failure instead. > > In any case > > Acked-by: David Hildenbrand >