On Wed, Sep 15, 2021 at 4:46 AM Kirill A. Shutemov <kirill@xxxxxxxxxxxxx> wrote:
>
> On Tue, Sep 14, 2021 at 11:37:15AM -0700, Yang Shi wrote:
> > diff --git a/mm/memory.c b/mm/memory.c > > index 25fc46e87214..1765bf72ed16 100644 > > --- a/mm/memory.c > > +++ b/mm/memory.c > > @@ -3920,8 +3920,17 @@ vm_fault_t do_set_pmd(struct vm_fault *vmf, struct page *page) > > if (unlikely(!pmd_none(*vmf->pmd))) > > goto out; > > > > - for (i = 0; i < HPAGE_PMD_NR; i++) > > + for (i = 0; i < HPAGE_PMD_NR; i++) { > > + /* > > + * Just backoff if any subpage of a THP is corrupted otherwise > > + * the corrupted page may mapped by PMD silently to escape the > > + * check. This kind of THP just can be PTE mapped. Access to > > + * the corrupted subpage should trigger SIGBUS as expected. > > + */ > > + if (PageHWPoison(page + i)) > > + goto out; > > flush_icache_page(vma, page + i); > > + }
>
> This is somewhat costly.
>
> flush_icache_page() is empty on most archs so compiler makes the loop go
> away before the change. Also page->flags for most of the pages will not
> necessarily be hot.

Yeah, good point.

>
> I wonder if we should consider making PG_hwpoison to cover full compound
> page. On marking page hwpoison we try to split it and mark relevant base
> page, if split fails -- mark full compound page.

We need extra bits to record exactly which subpage(s) are poisoned so that the right page can be isolated when splitting.

>
> As an alternative we can have one more flag that indicates that the compound
> page contains at least one hwpoisoned base page. We should have enough
> space in the first tail page.

Yes, actually I was thinking about the same thing too when debugging this problem. I think this approach is more feasible. We could add a new flag in the first tail page just like doublemap which indicates there is/are poisoned subpage(s). It could be cleared when splitting.

I will try to implement this in the next version. Thanks a lot for the suggestion.

>
> --
> Kirill A. Shutemov
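
Review bot: in the quoted do_set_pmd() hunk, the PageHWPoison(page + i) test sits inside the same loop as flush_icache_page(vma, page + i), so a poisoned subpage at a later index is only noticed after the earlier subpages have already been flushed, and every PMD mapping now reads the flags of all HPAGE_PMD_NR subpages. Consider doing the poison check before the flush loop, or testing a single per-compound-page indicator as proposed in the thread, so the common path does not walk every subpage. The added comment also has a grammar slip: "may mapped by PMD" should read "may be mapped by PMD".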