patches/old/mm-remove-unnecessary-reset-state-logic-on-merge-new-vma.patch - pub/scm/linux/kernel/git/akpm/25-new - Git at Google

 From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
 Subject: mm: remove unnecessary reset state logic on merge new VMA
 Date: Fri, 25 Oct 2024 13:26:26 +0100

 The only place where this was used was in mmap_region(), which we have now
 adjusted to not require this to be performed (we reset ourselves in
 effect).

 It also created a dangerous assumption that VMG state could be safely
 reused after a merge, at which point it may have been mutated in
 unexpected ways, leading to subtle bugs.

 Note that it was discovered by Wei Yang that there was also an error in
 this code - we are comparing vmg->vma with prev after setting it to NULL.

 This however had no impact, as we previously reset VMA iterator state
 before attempting merge again, but it was useless effort.

 In any case, this patch removes all of the logic so also eliminates this
 wasted effort.

 Link: https://lkml.kernel.org/r/5d9a59eee6498ae017cc87d89aa723de7179f75d.1729858176.git.lorenzo.stoakes@oracle.com
 Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
 Reviewed-by: Vlastimil Babka <vbabka@suse.cz>
 Cc: Jann Horn <jannh@google.com>
 Cc: Liam R. Howlett <Liam.Howlett@Oracle.com>
 Cc: Linus Torvalds <torvalds@linux-foundation.org>
 Cc: Peter Xu <peterx@redhat.com>
 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
 ---

  mm/vma.c |   11 -----------
  1 file changed, 11 deletions(-)

 --- a/mm/vma.c~mm-remove-unnecessary-reset-state-logic-on-merge-new-vma
 +++ a/mm/vma.c
 @@ -963,7 +963,6 @@ struct vm_area_struct *vma_merge_new_ran
  	struct vm_area_struct *next = vmg->next;
  	unsigned long start = vmg->start;
  	unsigned long end = vmg->end;
 -	pgoff_t pgoff = vmg->pgoff;
  	pgoff_t pglen = PHYS_PFN(end - start);
  	bool can_merge_left, can_merge_right;
  	bool just_expand = vmg->merge_flags & VMG_FLAG_JUST_EXPAND;
 @@ -1020,16 +1019,6 @@ struct vm_area_struct *vma_merge_new_ran
  		return vmg->vma;
  	}

 -	/* If expansion failed, reset state. Allows us to retry merge later. */
 -	if (!just_expand) {
 -		vmg->vma = NULL;
 -		vmg->start = start;
 -		vmg->end = end;
 -		vmg->pgoff = pgoff;
 -		if (vmg->vma == prev)
 -			vma_iter_set(vmg->vmi, start);
 -	}
 -
  	return NULL;
  }

 _
	From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
	Subject: mm: remove unnecessary reset state logic on merge new VMA
	Date: Fri, 25 Oct 2024 13:26:26 +0100

	The only place where this was used was in mmap_region(), which we have now
	adjusted to not require this to be performed (we reset ourselves in
	effect).

	It also created a dangerous assumption that VMG state could be safely
	reused after a merge, at which point it may have been mutated in
	unexpected ways, leading to subtle bugs.

	Note that it was discovered by Wei Yang that there was also an error in
	this code - we are comparing vmg->vma with prev after setting it to NULL.

	This however had no impact, as we previously reset VMA iterator state
	before attempting merge again, but it was useless effort.

	In any case, this patch removes all of the logic so also eliminates this
	wasted effort.

	Link: https://lkml.kernel.org/r/5d9a59eee6498ae017cc87d89aa723de7179f75d.1729858176.git.lorenzo.stoakes@oracle.com
	Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
	Reviewed-by: Vlastimil Babka <vbabka@suse.cz>
	Cc: Jann Horn <jannh@google.com>
	Cc: Liam R. Howlett <Liam.Howlett@Oracle.com>
	Cc: Linus Torvalds <torvalds@linux-foundation.org>
	Cc: Peter Xu <peterx@redhat.com>
	Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
	---

	mm/vma.c \| 11 -----------
	1 file changed, 11 deletions(-)

	--- a/mm/vma.c~mm-remove-unnecessary-reset-state-logic-on-merge-new-vma
	+++ a/mm/vma.c
	@@ -963,7 +963,6 @@ struct vm_area_struct *vma_merge_new_ran
	struct vm_area_struct *next = vmg->next;
	unsigned long start = vmg->start;
	unsigned long end = vmg->end;
	- pgoff_t pgoff = vmg->pgoff;
	pgoff_t pglen = PHYS_PFN(end - start);
	bool can_merge_left, can_merge_right;
	bool just_expand = vmg->merge_flags & VMG_FLAG_JUST_EXPAND;
	@@ -1020,16 +1019,6 @@ struct vm_area_struct *vma_merge_new_ran
	return vmg->vma;
	}

	- /* If expansion failed, reset state. Allows us to retry merge later. */
	- if (!just_expand) {
	- vmg->vma = NULL;
	- vmg->start = start;
	- vmg->end = end;
	- vmg->pgoff = pgoff;
	- if (vmg->vma == prev)
	- vma_iter_set(vmg->vmi, start);
	- }
	-
	return NULL;
	}

	_