Received: by 2002:a05:6500:1b8f:b0:1fa:5c73:8e2d with SMTP id df15csp692887lqb; Wed, 29 May 2024 07:59:43 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXA5VbMUXgqMFg0i61wodv+Or/SgcMKu36vGfby4hxR48/qNf4YvIyYzwHIZtcr89OggnZCYdlmrxffQ+X1DHYY5Xav38pmhz5S8H18xg== X-Google-Smtp-Source: AGHT+IEvRot9dJiTDYOzKGR7RD1WY3qr7nJa7MxHbsoX7bJDmpcQKTQaZkiXlMy6qbn2F6QhwEUK X-Received: by 2002:a9d:7441:0:b0:6f0:e8fe:8a2c with SMTP id 46e09a7af769-6f8d0b25001mr16729975a34.26.1716994782966; Wed, 29 May 2024 07:59:42 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1716994782; cv=pass; d=google.com; s=arc-20160816; b=JVfZ8B+4ltN0glH0t9ygy+WUus+bvEJXNUhbyK1hlgKVU3ypo9Womt6R0/if8V25Up +28G1Th6b+AUHFfLCuPf4rx2VnqSRwJIevPdHEWnxuJimkzYolmN1gSSkdMAy0NziEdp k0Iu5di2sHmE9oUCzPu4dPD3BHy2auKI9zt82TQbG+ILaY0pQBl5cFvswTBqLtvr0XJo OPO1QoCefudCBLYFFI5BhPmC7FWTn5k8+9gD/zrZYqnx0QmzQTI68Ksdq24UJ2ptTAnw KAKX6vYt1pU8/lNb0yMBUqLyciRns4Kj2ShIenxA4aFqkmyrTnPGo4ATxqMi9vbgIybF 5wbQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:list-unsubscribe:list-subscribe:list-id:precedence :references:message-id:subject:cc:to:from:date; bh=84g1txL0h/9rvruIYyGFcCMp0CByBjsxQwaFGq8T2Po=; fh=p2hPA/PnCRBtg+o8Ia8rqxpbev9bsvp9e0R5FHdf90I=; b=kRdi8imtVDz+xxf24DXVyLMGT7w+jQSzMhO/0NOdrTqHBvrqaS0h/afpb2VYHWlSXz wg8UgEL7Y7A147UIXeFTEXT9wID5nqGi0d1AWkdNhe18H++qqlQWIkaXhkm6EGSf0CHp GVULT1r0HLX+IfuYaI/2W7PxJQjK+ukjYc1efYseTksi4lb5EUOCs4vc4i8VKv/A+KS4 pyYEiFf3Df5aTOh21UEcjm+3gQvZYtd3BVrRR9AiwRvuEpcGmgfnwZAMDf4w6yIzLFMx JWfqfttQY7Lmic4MigwNw0wzkci0qCFwin8Qhc3K29YK3K/JBG0u7TrKfxX3z+mGCqOo ZaOw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-194320-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194320-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d75a77b69052e-43fdd7ae482si33466431cf.289.2024.05.29.07.59.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 29 May 2024 07:59:42 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-194320-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=arm.com dmarc=pass fromdomain=arm.com); spf=pass (google.com: domain of linux-kernel+bounces-194320-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-194320-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 899C51C217ED for ; Wed, 29 May 2024 14:59:42 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 3574816C451; Wed, 29 May 2024 14:59:37 +0000 (UTC) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0A2E9D27E for ; Wed, 29 May 2024 14:59:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.140.110.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716994776; cv=none; b=DbIMFFsktmP4vMHYattwKxJUq0EaGZ01pDtYXtmHBGeZ1hRNy2Lsvfg7iZBxkrSAnrOIRq6PGV/hWQ/okhnMCfXGAoJGnCBpZ5wdcAUSXj6N3ZtRmBjzgegQFVA9p/8YKszDdd/0SV4Pa4sXqsXRmgeEzriSDtS5MB5p/rb65t8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1716994776; c=relaxed/simple; bh=UHKZjpf1skOJpdAtuiUa+OI8N7rmSURssgbMjmMrXZg=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=XXCDWwNzQoTO5HCjpdhAbbk/vglBF25I9nIuN33FNz93DfPPuDAn6qRrV8Ro3w0RrkeFgZ8BT9sXbsb/cjoifJ2+0PvXWfG7N04TBc3+BFyh88Jnzi0MQT5D3Shjb0yjYeyhUlqARXw10GbPj4WpiDg4mKz47BJyk944nMo0TTY= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com; spf=pass smtp.mailfrom=arm.com; arc=none smtp.client-ip=217.140.110.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=arm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=arm.com Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7475F339; Wed, 29 May 2024 07:59:58 -0700 (PDT) Received: from J2N7QTR9R3.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.121.207.14]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id BC97F3F762; Wed, 29 May 2024 07:59:31 -0700 (PDT) Date: Wed, 29 May 2024 15:59:13 +0100 From: Mark Rutland To: Barry Song <21cnbao@gmail.com> Cc: Will Deacon , akpm@linux-foundation.org, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, Barry Song , Lance Yang , Ryan Roberts , David Hildenbrand , Jeff Xie , Kefeng Wang , Michal Hocko , Minchan Kim , Muchun Song , Peter Xu , Yang Shi , Yin Fengwei , Zach O'Keefe , Catalin Marinas Subject: Re: [PATCH] mm: arm64: Fix the out-of-bounds issue in contpte_clear_young_dirty_ptes Message-ID: References: <20240524005444.135417-1-21cnbao@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: On Tue, May 28, 2024 at 08:39:55PM +1200, Barry Song wrote: > On Tue, May 28, 2024 at 8:26 PM Mark Rutland wrote: > > On Fri, May 24, 2024 at 12:54:44PM +1200, Barry Song wrote: > > > From: Barry Song > > > > > > We are passing a huge nr to __clear_young_dirty_ptes() right > > > now. While we should pass the number of pages, we are actually > > > passing CONT_PTE_SIZE. This is causing lots of crashes of > > > MADV_FREE, panic oops could vary everytime. > > > > > > Fixes: 89e86854fb0a ("mm/arm64: override clear_young_dirty_ptes() batch helper") > > > > I was seeing ths same thing on v6.10-rc1 (syzkaller splat and reproducer > > included at the end of the mail). The patch makes sense to me, and fixed the > > splat in testing, so: > > > > Reviewed-by: Mark Rutland > > Tested-by: Mark Rutland > > Thanks! > > > Since this only affects arm64 and is already in mainline, I assume the fix > > should go via the arm64 tree even though the broken commit went via mm. > > Either mm or arm64 is fine with me, but I noticed that Andrew has already > included it in mm-hotfixes-unstable. If it works, we may want to stick with > that. :-) Going via mm is also fine by me, I had just expected it'd be quicker to go via arm64 (and evidently I was wrong there!). :) Mark.