Luis Chamberlain <mcgrof@xxxxxxxxxx> writes:
>> diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
>> index 837e4a50281a..79c46da919b9 100644
>> --- a/arch/x86/include/asm/tlbflush.h
>> +++ b/arch/x86/include/asm/tlbflush.h
>> @@ -4,6 +4,7 @@
>>
>> #include <linux/mm_types.h>
>> #include <linux/sched.h>
>> +#include <linux/mmu_notifier.h>
>>
>> #include <asm/processor.h>
>> #include <asm/cpufeature.h>
>> @@ -282,6 +283,7 @@ static inline void arch_tlbbatch_add_pending(struct arch_tlbflush_unmap_batch *b
>> {
>> inc_mm_tlb_gen(mm);
>> cpumask_or(&batch->cpumask, &batch->cpumask, mm_cpumask(mm));
>> + mmu_notifier_arch_invalidate_secondary_tlbs(mm, 0, -1UL);
>> }
>>
>> static inline void arch_flush_tlb_batched_pending(struct mm_struct *mm)
>> diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
>> index 0b990fb56b66..2d253919b3e8 100644
>> --- a/arch/x86/mm/tlb.c
>> +++ b/arch/x86/mm/tlb.c
>> @@ -1265,7 +1265,6 @@ void arch_tlbbatch_flush(struct arch_tlbflush_unmap_batch *batch)
>>
>> put_flush_tlb_info();
>> put_cpu();
>> - mmu_notifier_arch_invalidate_secondary_tlbs(current->mm, 0, -1UL);
>> }
>>
>> /*
>
> This patch also fixes a regression introduced on linux-next, the same
> crash on arch_tlbbatch_flush() is reproducible with fstests generic/176
> on XFS. This patch fixes that regression [0]. This should also close out
> the syzbot crash too [1]
>
> [0] https://gist.github.com/mcgrof/b37fc8cf7e6e1b3935242681de1a83e2
> [1] https://lore.kernel.org/all/0000000000003afcb4060135a664@xxxxxxxxxx/
>
> Tested-by: Luis Chamberlain <mcgrof@xxxxxxxxxx>
Thanks Luis. The above fix/respin is already in yesterdays linux-next
(next-20230724) so hopefully you are no longer seeing issues.
> Luis
