This is a fix for a case where a backing huge page could stolen after madvise(MADV_DONTNEED). A full reproducer is in selftest. See https://lore.kernel.org/all/20240105155419.1939484-1-leitao@xxxxxxxxxx/ v1: * https://lore.kernel.org/all/20240117171058.2192286-1-leitao@xxxxxxxxxx/ v2: * In version 1, there was a lockdep dependency detected by syzbot. * https://lore.kernel.org/all/00000000000050a2fb060fdc478c@xxxxxxxxxx/ * The lockdep dependency was caused because `vma_add_reservation()` was called with the pte lock. This is fixed now by deferring the vma_add_reservation() to after the spinlock. * Version 2 fixes the problem above by setting the restore_reserve bit inside the ptl, but, calling vma_add_reservation() later, after the lock is released. * Reported by a test done by Ryan Roberts. In order to test this patch, I instrumented the kernel with LOCKDEP and KASAN, and run the following tests, without any regression: * The self test that reproduces the problem * All mm hugetlb selftests SUMMARY: PASS=9 SKIP=0 FAIL=0 * All libhugetlbfs tests PASS: 0 86 FAIL: 0 0 Breno Leitao (2): mm/hugetlb: Restore the reservation if needed selftests/mm: run_vmtests.sh: add hugetlb_madv_vs_map mm/hugetlb.c | 25 +++++++++++++++++++++++ tools/testing/selftests/mm/run_vmtests.sh | 1 + 2 files changed, 26 insertions(+) -- 2.34.1
