Skip to content

Commit f2c57d9

Browse files
jankaratorvalds
jankara
authored and
torvalds
committed
mm: Fix warning in insert_pfn()
In DAX mode a write pagefault can race with write(2) in the following way: CPU0 CPU1 write fault for mapped zero page (hole) dax_iomap_rw() iomap_apply() xfs_file_iomap_begin() - allocates blocks dax_iomap_actor() invalidate_inode_pages2_range() - invalidates radix tree entries in given range dax_iomap_pte_fault() grab_mapping_entry() - no entry found, creates empty ... xfs_file_iomap_begin() - finds already allocated block ... vmf_insert_mixed_mkwrite() - WARNs and does nothing because there is still zero page mapped in PTE unmap_mapping_pages() This race results in WARN_ON from insert_pfn() and is occasionally triggered by fstest generic/344. Note that the race is otherwise harmless as before write(2) on CPU0 is finished, we will invalidate page tables properly and thus user of mmap will see modified data from write(2) from that point on. So just restrict the warning only to the case when the PFN in PTE is not zero page. Link: http://lkml.kernel.org/r/20180824154542.26872-1-jack@suse.cz Signed-off-by: Jan Kara <jack@suse.cz> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Cc: Ross Zwisler <ross.zwisler@linux.intel.com> Cc: Dan Williams <dan.j.williams@intel.com> Cc: Dave Jiang <dave.jiang@intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent dee6da2 commit f2c57d9

File tree

1 file changed

+7
-2
lines changed

1 file changed

+7
-2
lines changed

mm/memory.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1537,10 +1537,15 @@ static vm_fault_t insert_pfn(struct vm_area_struct *vma, unsigned long addr,
15371537
* in may not match the PFN we have mapped if the
15381538
* mapped PFN is a writeable COW page. In the mkwrite
15391539
* case we are creating a writable PTE for a shared
1540-
* mapping and we expect the PFNs to match.
1540+
* mapping and we expect the PFNs to match. If they
1541+
* don't match, we are likely racing with block
1542+
* allocation and mapping invalidation so just skip the
1543+
* update.
15411544
*/
1542-
if (WARN_ON_ONCE(pte_pfn(*pte) != pfn_t_to_pfn(pfn)))
1545+
if (pte_pfn(*pte) != pfn_t_to_pfn(pfn)) {
1546+
WARN_ON_ONCE(!is_zero_pfn(pte_pfn(*pte)));
15431547
goto out_unlock;
1548+
}
15441549
entry = *pte;
15451550
goto out_mkwrite;
15461551
} else

0 commit comments

Comments
 (0)