All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma
@ 2022-12-16 16:32 Vlastimil Babka
  2022-12-23  8:08 ` [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma #forregzbot Thorsten Leemhuis
  0 siblings, 1 reply; 2+ messages in thread
From: Vlastimil Babka @ 2022-12-16 16:32 UTC (permalink / raw)
  To: Andrew Morton
  Cc: linux-mm, patches, linux-kernel, Vlastimil Babka, Jiri Slaby,
	Jakub Matěna, stable, Kirill A . Shutemov, Liam Howlett,
	Matthew Wilcox, Mel Gorman, Michal Hocko

Since 6.1 we have noticed random rpm install failures that were tracked
to mremap() returning -ENOMEM and to commit ca3d76b0aa80 ("mm: add
merging after mremap resize").

The problem occurs when mremap() expands a VMA in place, but using an
starting address that's not vma->vm_start, but somewhere in the middle.
The extension_pgoff calculation introduced by the commit is wrong in
that case, so vma_merge() fails due to pgoffs not being compatible.
Fix the calculation.

By the way it seems that the situations, where rpm now expands a vma
from the middle, were made possible also due to that commit, thanks to
the improved vma merging. Yet it should work just fine, except for the
buggy calculation.

Reported-by: Jiri Slaby <jirislaby@kernel.org>
Link: https://bugzilla.suse.com/show_bug.cgi?id=1206359
Fixes: ca3d76b0aa80 ("mm: add merging after mremap resize")
Signed-off-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Jakub Matěna <matenajakub@gmail.com>
Cc: <stable@vger.kernel.org>
Cc: "Kirill A . Shutemov" <kirill@shutemov.name>
Cc: Liam Howlett <liam.howlett@oracle.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Mel Gorman <mgorman@techsingularity.net>
Cc: Michal Hocko <mhocko@kernel.org>
---
Hi, this fixes a regression in 6.1 so please process ASAP so that stable
6.1.y can get the fix.

 mm/mremap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/mm/mremap.c b/mm/mremap.c
index e465ffe279bb..fe587c5d6591 100644
--- a/mm/mremap.c
+++ b/mm/mremap.c
@@ -1016,7 +1016,8 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
 			long pages = (new_len - old_len) >> PAGE_SHIFT;
 			unsigned long extension_start = addr + old_len;
 			unsigned long extension_end = addr + new_len;
-			pgoff_t extension_pgoff = vma->vm_pgoff + (old_len >> PAGE_SHIFT);
+			pgoff_t extension_pgoff = vma->vm_pgoff +
+				((extension_start - vma->vm_start) >> PAGE_SHIFT);
 
 			if (vma->vm_flags & VM_ACCOUNT) {
 				if (security_vm_enough_memory_mm(mm, pages)) {
-- 
2.38.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma #forregzbot
  2022-12-16 16:32 [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma Vlastimil Babka
@ 2022-12-23  8:08 ` Thorsten Leemhuis
  0 siblings, 0 replies; 2+ messages in thread
From: Thorsten Leemhuis @ 2022-12-23  8:08 UTC (permalink / raw)
  To: regressions; +Cc: linux-mm, linux-kernel

[Note: this mail contains only information for Linux kernel regression
tracking. Mails like these contain '#forregzbot' in the subject to make
then easy to spot and filter out. The author also tried to remove most
or all individuals from the list of recipients to spare them the hassle.]

On 16.12.22 17:32, Vlastimil Babka wrote:
> Since 6.1 we have noticed random rpm install failures that were tracked
> to mremap() returning -ENOMEM and to commit ca3d76b0aa80 ("mm: add
> merging after mremap resize").
> 
> The problem occurs when mremap() expands a VMA in place, but using an
> starting address that's not vma->vm_start, but somewhere in the middle.
> The extension_pgoff calculation introduced by the commit is wrong in
> that case, so vma_merge() fails due to pgoffs not being compatible.
> Fix the calculation.
> 
> By the way it seems that the situations, where rpm now expands a vma
> from the middle, were made possible also due to that commit, thanks to
> the improved vma merging. Yet it should work just fine, except for the
> buggy calculation.
> 
> Reported-by: Jiri Slaby <jirislaby@kernel.org>
> Link: https://bugzilla.suse.com/show_bug.cgi?id=1206359
> Fixes: ca3d76b0aa80 ("mm: add merging after mremap resize")

This is just for the record, the fix will soon land, but I want to have
this in the report I plan to send later.

#regzbot ^introduced ca3d76b0aa80
#regzbot from: Jiri Slaby <jirislaby@kernel.org>
#regzbot title mm: random rpm install failures that were tracked to
mremap() returning -ENOMEM
#regzbot fix mm, mremap: fix mremap() expanding vma with addr inside vma
#regzbot ignore-activity

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)

P.S.: As the Linux kernel's regression tracker I deal with a lot of
reports and sometimes miss something important when writing mails like
this. If that's the case here, don't hesitate to tell me in a public
reply, it's in everyone's interest to set the public record straight.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-12-23  8:08 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-16 16:32 [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma Vlastimil Babka
2022-12-23  8:08 ` [PATCH for v6.1 regression] mm, mremap: fix mremap() expanding vma with addr inside vma #forregzbot Thorsten Leemhuis

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.