From patchwork Tue Jun 25 05:00:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Hugh Dickins X-Patchwork-Id: 13710598 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EBF14C2BBCA for ; Tue, 25 Jun 2024 05:00:30 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 78F186B032A; Tue, 25 Jun 2024 01:00:30 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 73E746B0333; Tue, 25 Jun 2024 01:00:30 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5E06F6B0335; Tue, 25 Jun 2024 01:00:30 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 3DF0D6B032A for ; Tue, 25 Jun 2024 01:00:30 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id EBF6E81678 for ; Tue, 25 Jun 2024 05:00:29 +0000 (UTC) X-FDA: 82268210178.20.EED4B94 Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com [209.85.219.176]) by imf05.hostedemail.com (Postfix) with ESMTP id 5061C100021 for ; Tue, 25 Jun 2024 05:00:28 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=SrtqIRKE; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf05.hostedemail.com: domain of hughd@google.com designates 209.85.219.176 as permitted sender) smtp.mailfrom=hughd@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1719291612; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=DI1Xy5KDlgelochwTug5ga0AHKmpmKH+0sr3zq1dLns=; b=FEUSGFRHeprq/Ku4BNCsHmKk0Eg84sRLKJhKMPOtKlKey/fwu6CipgthjtjNwVGYQOhNhf M2l4YeAbxeMzmaQ9qbb3en5EH+RErqNkiBiVY3UMZ3onYVAIno1aDtt/O5W6ViQn6+wJ3C hjOFOkMJDmGcMnIw7qBm7395gx641kg= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1719291612; a=rsa-sha256; cv=none; b=Be1o+HcNGydE/jFhTml5TvVLaX8WauEa7IFbgMXoRuaKfGo2B51OSY8BmO30ir43MIioqJ NDiFuMglhtpqD24U39H1nWQDFsnahZAlSQkDUHDeaOPXg47hlGXrT99QlzTgJIQqKfxRp6 l2HlnC//iKGY7rN/qmrL7FHYYzfCINQ= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=SrtqIRKE; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf05.hostedemail.com: domain of hughd@google.com designates 209.85.219.176 as permitted sender) smtp.mailfrom=hughd@google.com Received: by mail-yb1-f176.google.com with SMTP id 3f1490d57ef6-dfb05bcc50dso4432940276.0 for ; Mon, 24 Jun 2024 22:00:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1719291627; x=1719896427; darn=kvack.org; h=mime-version:message-id:subject:cc:to:from:date:from:to:cc:subject :date:message-id:reply-to; bh=DI1Xy5KDlgelochwTug5ga0AHKmpmKH+0sr3zq1dLns=; b=SrtqIRKE0Kx5US94hEeqk+YAoD4aXCVEfn2jd69SiDMKH8cpyVGUVB9eXVyK0WnQ3v KhgTy2nQKW2Xl9F3LcljkUJPcr01y23Unfb/HL2NR3U4mhY33m+Wd0G8nXq5NyENg8jV bf2CVLpQDVGBoFboxuyopZjizzV0mKDj/XsJsrC+W7My/v8x+RZKty1AM+3Tg8+XNdTu RhHJzjHOFHyeWak5JXuEB8BoTNBdVY6otYHNayGTTYhR841v+bm54wQyJ+eltjGlsXXj ngXK/SGsFSCGkgzswVZI74DcBuLrHjMxwtlQ5Jygeo8OFoT/XxxGktcahdqVwoCsNX3y gtPQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1719291627; x=1719896427; h=mime-version:message-id:subject:cc:to:from:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=DI1Xy5KDlgelochwTug5ga0AHKmpmKH+0sr3zq1dLns=; b=rOBIhUXwHzsZJfWuSoPP1YqSf3yF1UqwcFgeSk4t/I5zO42EJI94svi0u5sOB3b6bf zrOofxiejhVAeh10EdaRep/suQloKRgeS8UyMKG1CFUPBSjKENpJ2r35FyqerO4JVax5 GTaWzLJeVAdPFwzqg++cYtqVOxhLiBOg3cfOYTtsZ7EHLUIPmNEfcRUcVZ6aSBQMQzFa 3uPr5XZJ5Zn3CFMZX+4NffplM8H0d8yhpx6krigBuLuH5N873vb2VT/Wjw5tKXuwXGaj +I63DrJj2HIY4HMqopiv7wJcIJhgSl+1YZiZ+XIrsIx5NXPeAKqQssagK89ptZSUa5og TguA== X-Forwarded-Encrypted: i=1; AJvYcCVjhq/z9Q1Xq5IGL/ZpNvayKqW9s5sKrVPlTo7KZ2gxDkKgC5+2DeIjx+JfmFvoMnB1HRTKQ4vehlFbxDNaUHBgnco= X-Gm-Message-State: AOJu0YwsZIPBgzPRos5VD/aG7xP1EZWcyvZjR2fqDn/WFKPl7paXbJ7b VTSg26TxNEIIlzxeYv5yHyPR0aECNOkW5S6tNzt0FHGMlQHJicMg7qBfG6wykA== X-Google-Smtp-Source: AGHT+IGFk1PurXMG31Uk5SzyO+Em8L43BwfcrQN6GFSqRW5nktZuFr13rpp8empsxKSUmBQgdPrnjw== X-Received: by 2002:a25:d805:0:b0:e02:c7c9:732d with SMTP id 3f1490d57ef6-e0303fea29amr5275327276.60.1719291627156; Mon, 24 Jun 2024 22:00:27 -0700 (PDT) Received: from darker.attlocal.net (172-10-233-147.lightspeed.sntcca.sbcglobal.net. [172.10.233.147]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e02e6116b08sm3739945276.13.2024.06.24.22.00.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 24 Jun 2024 22:00:26 -0700 (PDT) Date: Mon, 24 Jun 2024 22:00:24 -0700 (PDT) From: Hugh Dickins To: Andrew Morton cc: Barry Song <21cnbao@gmail.com>, Hugh Dickins , baolin.wang@linux.alibaba.com, chrisl@kernel.org, david@redhat.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, mhocko@suse.com, ryan.roberts@arm.com, shy828301@gmail.com, surenb@google.com, v-songbaohua@oppo.com, willy@infradead.org, ying.huang@intel.com, yosryahmed@google.com, yuanshuai@oppo.com, yuzhao@google.com Subject: [PATCH mm-unstable] mm: folio_add_new_anon_rmap() careful __folio_set_swapbacked() Message-ID: MIME-Version: 1.0 X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 5061C100021 X-Stat-Signature: n48i5ab13gckcajop433i18866r5miu6 X-Rspam-User: X-HE-Tag: 1719291628-748963 X-HE-Meta: U2FsdGVkX1+NyIXm2QhPMKWXv6HPcgnhp7vyZ3gVkCElZ4+X8mhXS4PjQwWLnKRkUlaSKoNnxgeEtVzbUjNusna9BNvjVl8QZVZh3hFHnTkyJMCxgzGgffGpzjrTRRS9RqAZABj1Y/iUQNZL5Lqz836KeDaQKJ5FImjbb12odopZWgzNMB+XNrYI287aLAZt2FUPaEDwsm3xt33A7viic1icaKU+AbfLlX5NApCjVpliFMwHkuMMIgI4L9LBDzoNsni36bzrmCpSOa4qISEpDZaQmC73y3G68fgIyAXRlPijxLJIGeRQBbglO7Y9pLmHhNNZKLTfVhfkwB7yBGnSLxoA0OMcwtBOhHlV+J20ukAHAP86/fYZHrV9EDGXUisJn79Z3m/EXOurhLssue6DZQYT6zMvRlir2cb3DJIsLFJCJlePDMFFcCwVwxnbuCd3k39VlD6cBmy68wfuSSZDLgmznjNX8gPFBWwmtQ4iDm03tjMXLYKdBRavOq0hiFwDJuHUCh6k70sVPExrqQs5a3QNMVIzyXxA5aZl7rVKDFCPvkVjp/WEWsnEZzC4brD23NJS7UljcGfrDWUz4tBaphMudDuky3a/h8Adfi3yYJOaO+PrwaeA2Cr41jzutBXBLiKhtRPbZhbiQCTRjjFAkgEfu/ZeMNzbbZCXg5EgQzkt3250pZOwCll2I581JksrOIi29TvWQKEqyNXChzjdfOwWzxtSoheUdJwW7kLFB3OE1Wi79KXms/j+PgA+nKjkSVdQPSAV3lfEo3+sMSOOAW4Ycm3T7Vly2cNnsZYwz0w2h0LPxQc7K86Tkegz4xSHflVGkyHMhroqvivyBkHNP0vEk2rfjrKRy5f3JvDLVQjSYOvMot+RDJ0OzwGUMWa1aTYLURvACeGEPC2I2ZRRMA8KVBvvGA1K5szevcGtePw+FR+w+h3rbEoTdZYv7Jn86agSbamjQT3xjYZPw64 ALgkJXPf VdE3043x2lBtC/S5zi6DbTS7FOrwicxSPVf8duzVM6RoO7NhYSJWS7WUPkU8kmU3kmLw3NwGxEkhADpvoILKQMrr9YkLCYxQkfrSRIXoifZaoutaMTksU+UOuZUPh0XjxJ43ig1p3lO26tLFySmnMtA/mgswamfaIkVGjih+uNuO5Fd7lJd3Lw2S6kLK0GGWyThJGCcb9bREoTm6dWhAcXbtJOa7rHMyva+46OY5WIs4z/Nm/ydtMPTzdFRrnVS9bHSITTvc6/LJbgRatTdmiuM+cV8m6AmRd8//INAMvzMpJU+D+32dGp1rjHogvuEm85P0o2TXEvEiJDwbj19jfzF8ipcdC9ASZJlS+qoxh0hLe7Xr7fHQF/Pemvg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Commit "mm: use folio_add_new_anon_rmap() if folio_test_anon(folio)== false" has extended folio_add_new_anon_rmap() to use on non-exclusive folios, already visible to others in swap cache and on LRU. That renders its non-atomic __folio_set_swapbacked() unsafe: it risks overwriting concurrent atomic operations on folio->flags, losing bits added or restoring bits cleared. Since it's only used in this risky way when folio_test_locked and !folio_test_anon, many such races are excluded; but, for example, isolations by folio_test_clear_lru() are vulnerable, and setting or clearing active. It could just use the atomic folio_set_swapbacked(); but this function does try to avoid atomics where it can, so use a branch instead: just avoid setting swapbacked when it is already set, that is good enough. (Swapbacked is normally stable once set: lazyfree can undo it, but only later, when found anon in a page table.) This fixes a lot of instability under compaction and swapping loads: assorted "Bad page"s, VM_BUG_ON_FOLIO()s, apparently even page double frees - though I've not worked out what races could lead to the latter. Signed-off-by: Hugh Dickins Reviewed-by: David Hildenbrand --- mm/rmap.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/mm/rmap.c b/mm/rmap.c index df1a43295c85..5394c1178bf1 100644 --- a/mm/rmap.c +++ b/mm/rmap.c @@ -1408,7 +1408,9 @@ void folio_add_new_anon_rmap(struct folio *folio, struct vm_area_struct *vma, VM_WARN_ON_FOLIO(folio_test_hugetlb(folio), folio); VM_BUG_ON_VMA(address < vma->vm_start || address + (nr << PAGE_SHIFT) > vma->vm_end, vma); - __folio_set_swapbacked(folio); + + if (!folio_test_swapbacked(folio)) + __folio_set_swapbacked(folio); __folio_set_anon(folio, vma, address, exclusive); if (likely(!folio_test_large(folio))) {