From patchwork Sat Oct 13 00:24:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrea Arcangeli X-Patchwork-Id: 10639757 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id F3AAB17E1 for ; Sat, 13 Oct 2018 00:24:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id DD6B72BAFF for ; Sat, 13 Oct 2018 00:24:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id D1A572BB04; Sat, 13 Oct 2018 00:24:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 71D592BAFF for ; Sat, 13 Oct 2018 00:24:34 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5E1F36B0299; Fri, 12 Oct 2018 20:24:33 -0400 (EDT) Delivered-To: linux-mm-outgoing@kvack.org Received: by kanga.kvack.org (Postfix, from userid 40) id 5908D6B029A; Fri, 12 Oct 2018 20:24:33 -0400 (EDT) X-Original-To: int-list-linux-mm@kvack.org X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 49A1F6B029A; Fri, 12 Oct 2018 20:24:33 -0400 (EDT) X-Original-To: linux-mm@kvack.org X-Delivered-To: linux-mm@kvack.org Received: from mail-qt1-f200.google.com (mail-qt1-f200.google.com [209.85.160.200]) by kanga.kvack.org (Postfix) with ESMTP id 2060D6B0296 for ; Fri, 12 Oct 2018 20:24:33 -0400 (EDT) Received: by mail-qt1-f200.google.com with SMTP id s56-v6so14041482qtk.2 for ; Fri, 12 Oct 2018 17:24:33 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-original-authentication-results:x-gm-message-state:from:to:cc :subject:date:message-id; bh=iKxFJn1zuEgyVzFjVlIThoNKjuveuksHN/P2EkBbK/U=; b=C+jENHhgzIqm0ErGZ99b+k6Dx5dY/YCgiboPwYCUGkarUkNGzCPl6AC2pJUXA7QrVy JzeUTtUL//GYu2iBk7EZNtkedtHqnkYU+IVSkRbLaLVZxxICATt9SLLkA21Z6JfQKGEC V82P/njbOYjT2bFsY2B4dm0NZ5qShDY8Mtv3Usqm7E3OzhvIgttLNWQN6gBKJtlF1CNG AyR4o1uRcMGvLt6fNIF87wQewePPt5OtsnBYwLp7Rbz2FkBf8HmTLf2uIPQSvcbLZjJ2 iMGsmTYoSSp2qk7tref42m0/w7ckg9VAw/xe7zGdQTczaFFVGQOyXw80AjVX8HJ+X90h wYpQ== X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of aarcange@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=aarcange@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com X-Gm-Message-State: ABuFfohQMLWRs3XCc7es7Z1MSBvsg6CBS6MnuDsVG315YO2eyYalgtTT xLjWzFoCkLUjnaSXq8FzetdbFIuZg+3qhdRukhMT4ts1XFQearaAHOeYsP29lnJhr7F/b1ihtFW nSxxTpc1A1y6Ubq/CVW+1ZrK2nmk9isoAX5FhVSwyMj6M4hCa+YYGQ7l2mIS8eUBz2g== X-Received: by 2002:aed:3882:: with SMTP id k2-v6mr7406075qte.345.1539390272902; Fri, 12 Oct 2018 17:24:32 -0700 (PDT) X-Google-Smtp-Source: ACcGV61vBnw6UE0LNuEVvJOMdws3+hEUT1HMgT/47BhnUQ5BT7/0Q99zvmCyGl/V51G0OUPBEpL8 X-Received: by 2002:aed:3882:: with SMTP id k2-v6mr7406060qte.345.1539390272413; Fri, 12 Oct 2018 17:24:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1539390272; cv=none; d=google.com; s=arc-20160816; b=yZiya28EJ5g3ZZ46rSX27mZ2CQ5WTODogLvu59IcPE0RJmdZzB9sN1/dKGKt4XZm2y w/LUYFXNql5OiumtWUxv0hXAcFRlsWiidguCO/n8sniY1+WOSqe3YDBOEgqrizAxSrQC q9fGoay8eejj3L0wTBYljcCgMnMjDew+0h0eSrF5IMjNh0RMXcN88ltRql5rksPxASHQ fP1s8EYGCIeoIpRNOzZIXEoNf/NTgwdLV0rHXtxKK8fcyxeK6xYNPFAh8xdRZxTIKBmc R9XnEh2U/elr1ghhS6jwftYFusIPb6D7mBuy4+HJsqEWaZw6rV9YS0om1rB/oud5oG/p L7fQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:date:subject:cc:to:from; bh=iKxFJn1zuEgyVzFjVlIThoNKjuveuksHN/P2EkBbK/U=; b=XLUwqPDSR5eELy6s/11oPMHIZR4TUXta8lKOaEixytwkKlK6UYio8ZAamA8/5/XW9d V66bTS+1/1vLBH9KyhMrOa5wri8IXyeZqdwOz2g1lTIMVetVCaRcWSTSqOhcZQW+jhrc JB6lQ3r/egbK5DiLF/n1mPcc0pMlyd7OD+UDdGpsBvSKkv7ibUG6r3ygvr63yrNxwQM4 4ww/uolipUY0WgPJCbb0BBSMZ/aP0m8coN6JhmybzCoJNwpePrNPUvsL0pKBEMBlXgW9 93zu3wCbR59NJyBPE4gzvusYXkqCL2CcQe8tND8x8SLlR7PWdbl6QkaYaKHmXt2MX/8n Uw6Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of aarcange@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=aarcange@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from mx1.redhat.com (mx1.redhat.com. [209.132.183.28]) by mx.google.com with ESMTPS id 42-v6si72049qvp.34.2018.10.12.17.24.32 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 12 Oct 2018 17:24:32 -0700 (PDT) Received-SPF: pass (google.com: domain of aarcange@redhat.com designates 209.132.183.28 as permitted sender) client-ip=209.132.183.28; Authentication-Results: mx.google.com; spf=pass (google.com: domain of aarcange@redhat.com designates 209.132.183.28 as permitted sender) smtp.mailfrom=aarcange@redhat.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 8ED1A3001BCF; Sat, 13 Oct 2018 00:24:31 +0000 (UTC) Received: from sky.random (ovpn-120-22.rdu2.redhat.com [10.10.120.22]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5FA0480360; Sat, 13 Oct 2018 00:24:31 +0000 (UTC) From: Andrea Arcangeli To: linux-mm@kvack.org Cc: Aaron Tomlin , Mel Gorman , Jerome Glisse , "Kirill A. Shutemov" , Andrew Morton Subject: [PATCH 0/3] migrate_misplaced_transhuge_page race conditions Date: Fri, 12 Oct 2018 20:24:27 -0400 Message-Id: <20181013002430.698-1-aarcange@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.45]); Sat, 13 Oct 2018 00:24:31 +0000 (UTC) X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Aaron found a new instance of the THP MADV_DONTNEED race against pmdp_clear_flush* variants, that was apparently left unfixed. While looking into the race found by Aaron, I may have found two more issues in migrate_misplaced_transhuge_page. These race conditions would not cause kernel instability, but they'd corrupt userland data or leave data non zero after MADV_DONTNEED. I did only minor testing, and I don't expect to be able to reproduce this (especially the lack of ->invalidate_range before migrate_page_copy, requires the latest iommu hardware or infiniband to reproduce). The last patch is noop for x86 and it needs further review from maintainers of archs that implement flush_cache_range() (not in CC yet). To avoid confusion, it's not the first patch that introduces the bug fixed in the second patch, even before removing the pmdp_huge_clear_flush_notify, that _notify suffix was called after migrate_page_copy already run. Andrea Arcangeli (3): mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition mm: thp: fix mmu_notifier in migrate_misplaced_transhuge_page() mm: thp: relocate flush_cache_range() in migrate_misplaced_transhuge_page() mm/huge_memory.c | 14 +++++++++++++- mm/migrate.c | 43 ++++++++++++++++++++++++------------------- 2 files changed, 37 insertions(+), 20 deletions(-)