patches/old/selftests-proc-test-procmap_query-ioctl-while-vma-is-concurrently-modified.patch - pub/scm/linux/kernel/git/akpm/25-new - Git at Google

 From: Suren Baghdasaryan <surenb@google.com>
 Subject: selftests/proc: test PROCMAP_QUERY ioctl while vma is concurrently modified
 Date: Fri, 8 Aug 2025 08:28:47 -0700

 Patch series " execute PROCMAP_QUERY ioctl under per-vma lock", v4.

 With /proc/pid/maps now being read under per-vma lock protection we can
 reuse parts of that code to execute PROCMAP_QUERY ioctl also without
 taking mmap_lock.  The change is designed to reduce mmap_lock contention
 and prevent PROCMAP_QUERY ioctl calls from blocking address space updates.

 This patchset was split out of the original patchset [1] that introduced
 per-vma lock usage for /proc/pid/maps reading.  It contains PROCMAP_QUERY
 tests, code refactoring patch to simplify the main change and the actual
 transition to per-vma lock.


 This patch (of 3):

 Extend /proc/pid/maps tearing tests to verify PROCMAP_QUERY ioctl operation
 correctness while the vma is being concurrently modified.

 Link: https://lkml.kernel.org/r/20250808152850.2580887-1-surenb@google.com
 Link: https://lkml.kernel.org/r/20250808152850.2580887-2-surenb@google.com
 Signed-off-by: Suren Baghdasaryan <surenb@google.com>
 Tested-by: SeongJae Park <sj@kernel.org>
 Acked-by: SeongJae Park <sj@kernel.org>
 Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
 Cc: Alexey Dobriyan <adobriyan@gmail.com>
 Cc: Andrii Nakryiko <andrii@kernel.org>
 Cc: Christian Brauner <brauner@kernel.org>
 Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
 Cc: David Hildenbrand <david@redhat.com>
 Cc: Jann Horn <jannh@google.com>
 Cc: Johannes Weiner <hannes@cmpxchg.org>
 Cc: Josef Bacik <josef@toxicpanda.com>
 Cc: Kalesh Singh <kaleshsingh@google.com>
 Cc: Liam Howlett <liam.howlett@oracle.com>
 Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
 Cc: Michal Hocko <mhocko@kernel.org>
 Cc: Oscar Salvador <osalvador@suse.de>
 Cc: "Paul E . McKenney" <paulmck@kernel.org>
 Cc: Peter Xu <peterx@redhat.com>
 Cc: Ryan Roberts <ryan.roberts@arm.com>
 Cc: Shuah Khan <shuah@kernel.org>
 Cc: Thomas Weißschuh <linux@weissschuh.net>
 Cc: T.J. Mercier <tjmercier@google.com>
 Cc: Vlastimil Babka <vbabka@suse.cz>
 Cc: Ye Bin <yebin10@huawei.com>
 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
 ---

  tools/testing/selftests/proc/proc-maps-race.c |   65 ++++++++++++++++
  1 file changed, 65 insertions(+)

 --- a/tools/testing/selftests/proc/proc-maps-race.c~selftests-proc-test-procmap_query-ioctl-while-vma-is-concurrently-modified
 +++ a/tools/testing/selftests/proc/proc-maps-race.c
 @@ -32,6 +32,8 @@
  #include <stdlib.h>
  #include <string.h>
  #include <unistd.h>
 +#include <linux/fs.h>
 +#include <sys/ioctl.h>
  #include <sys/mman.h>
  #include <sys/stat.h>
  #include <sys/types.h>
 @@ -317,6 +319,25 @@ static bool capture_mod_pattern(FIXTURE_
  	       strcmp(restored_first_line->text, self->first_line.text) == 0;
  }

 +static bool query_addr_at(int maps_fd, void *addr,
 +			  unsigned long *vma_start, unsigned long *vma_end)
 +{
 +	struct procmap_query q;
 +
 +	memset(&q, 0, sizeof(q));
 +	q.size = sizeof(q);
 +	/* Find the VMA at the split address */
 +	q.query_addr = (unsigned long long)addr;
 +	q.query_flags = 0;
 +	if (ioctl(maps_fd, PROCMAP_QUERY, &q))
 +		return false;
 +
 +	*vma_start = q.vma_start;
 +	*vma_end = q.vma_end;
 +
 +	return true;
 +}
 +
  static inline bool split_vma(FIXTURE_DATA(proc_maps_race) *self)
  {
  	return mmap(self->mod_info->addr, self->page_size, self->mod_info->prot | PROT_EXEC,
 @@ -559,6 +580,8 @@ TEST_F(proc_maps_race, test_maps_tearing
  	do {
  		bool last_line_changed;
  		bool first_line_changed;
 +		unsigned long vma_start;
 +		unsigned long vma_end;

  		ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

 @@ -595,6 +618,19 @@ TEST_F(proc_maps_race, test_maps_tearing
  		first_line_changed = strcmp(new_first_line.text, self->first_line.text) != 0;
  		ASSERT_EQ(last_line_changed, first_line_changed);

 +		/* Check if PROCMAP_QUERY ioclt() finds the right VMA */
 +		ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr + self->page_size,
 +					  &vma_start, &vma_end));
 +		/*
 +		 * The vma at the split address can be either the same as
 +		 * original one (if read before the split) or the same as the
 +		 * first line in the second page (if read after the split).
 +		 */
 +		ASSERT_TRUE((vma_start == self->last_line.start_addr &&
 +			     vma_end == self->last_line.end_addr) ||
 +			    (vma_start == split_first_line.start_addr &&
 +			     vma_end == split_first_line.end_addr));
 +
  		clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
  		end_test_iteration(&end_ts, self->verbose);
  	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
 @@ -636,6 +672,9 @@ TEST_F(proc_maps_race, test_maps_tearing
  	clock_gettime(CLOCK_MONOTONIC_COARSE, &start_ts);
  	start_test_loop(&start_ts, self->verbose);
  	do {
 +		unsigned long vma_start;
 +		unsigned long vma_end;
 +
  		ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

  		/* Check if we read vmas after shrinking it */
 @@ -662,6 +701,16 @@ TEST_F(proc_maps_race, test_maps_tearing
  					"Expand result invalid", self));
  		}

 +		/* Check if PROCMAP_QUERY ioclt() finds the right VMA */
 +		ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr, &vma_start, &vma_end));
 +		/*
 +		 * The vma should stay at the same address and have either the
 +		 * original size of 3 pages or 1 page if read after shrinking.
 +		 */
 +		ASSERT_TRUE(vma_start == self->last_line.start_addr &&
 +			    (vma_end - vma_start == self->page_size * 3 ||
 +			     vma_end - vma_start == self->page_size));
 +
  		clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
  		end_test_iteration(&end_ts, self->verbose);
  	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
 @@ -703,6 +752,9 @@ TEST_F(proc_maps_race, test_maps_tearing
  	clock_gettime(CLOCK_MONOTONIC_COARSE, &start_ts);
  	start_test_loop(&start_ts, self->verbose);
  	do {
 +		unsigned long vma_start;
 +		unsigned long vma_end;
 +
  		ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

  		/* Check if we read vmas after remapping it */
 @@ -729,6 +781,19 @@ TEST_F(proc_maps_race, test_maps_tearing
  					"Remap restore result invalid", self));
  		}

 +		/* Check if PROCMAP_QUERY ioclt() finds the right VMA */
 +		ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr + self->page_size,
 +					  &vma_start, &vma_end));
 +		/*
 +		 * The vma should either stay at the same address and have the
 +		 * original size of 3 pages or we should find the remapped vma
 +		 * at the remap destination address with size of 1 page.
 +		 */
 +		ASSERT_TRUE((vma_start == self->last_line.start_addr &&
 +			     vma_end - vma_start == self->page_size * 3) ||
 +			    (vma_start == self->last_line.start_addr + self->page_size &&
 +			     vma_end - vma_start == self->page_size));
 +
  		clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
  		end_test_iteration(&end_ts, self->verbose);
  	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
 _
	From: Suren Baghdasaryan <surenb@google.com>
	Subject: selftests/proc: test PROCMAP_QUERY ioctl while vma is concurrently modified
	Date: Fri, 8 Aug 2025 08:28:47 -0700

	Patch series " execute PROCMAP_QUERY ioctl under per-vma lock", v4.

	With /proc/pid/maps now being read under per-vma lock protection we can
	reuse parts of that code to execute PROCMAP_QUERY ioctl also without
	taking mmap_lock. The change is designed to reduce mmap_lock contention
	and prevent PROCMAP_QUERY ioctl calls from blocking address space updates.

	This patchset was split out of the original patchset [1] that introduced
	per-vma lock usage for /proc/pid/maps reading. It contains PROCMAP_QUERY
	tests, code refactoring patch to simplify the main change and the actual
	transition to per-vma lock.


	This patch (of 3):

	Extend /proc/pid/maps tearing tests to verify PROCMAP_QUERY ioctl operation
	correctness while the vma is being concurrently modified.

	Link: https://lkml.kernel.org/r/20250808152850.2580887-1-surenb@google.com
	Link: https://lkml.kernel.org/r/20250808152850.2580887-2-surenb@google.com
	Signed-off-by: Suren Baghdasaryan <surenb@google.com>
	Tested-by: SeongJae Park <sj@kernel.org>
	Acked-by: SeongJae Park <sj@kernel.org>
	Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
	Cc: Alexey Dobriyan <adobriyan@gmail.com>
	Cc: Andrii Nakryiko <andrii@kernel.org>
	Cc: Christian Brauner <brauner@kernel.org>
	Cc: Christophe Leroy <christophe.leroy@csgroup.eu>
	Cc: David Hildenbrand <david@redhat.com>
	Cc: Jann Horn <jannh@google.com>
	Cc: Johannes Weiner <hannes@cmpxchg.org>
	Cc: Josef Bacik <josef@toxicpanda.com>
	Cc: Kalesh Singh <kaleshsingh@google.com>
	Cc: Liam Howlett <liam.howlett@oracle.com>
	Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
	Cc: Michal Hocko <mhocko@kernel.org>
	Cc: Oscar Salvador <osalvador@suse.de>
	Cc: "Paul E . McKenney" <paulmck@kernel.org>
	Cc: Peter Xu <peterx@redhat.com>
	Cc: Ryan Roberts <ryan.roberts@arm.com>
	Cc: Shuah Khan <shuah@kernel.org>
	Cc: Thomas Weißschuh <linux@weissschuh.net>
	Cc: T.J. Mercier <tjmercier@google.com>
	Cc: Vlastimil Babka <vbabka@suse.cz>
	Cc: Ye Bin <yebin10@huawei.com>
	Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
	---

	tools/testing/selftests/proc/proc-maps-race.c \| 65 ++++++++++++++++
	1 file changed, 65 insertions(+)

	--- a/tools/testing/selftests/proc/proc-maps-race.c~selftests-proc-test-procmap_query-ioctl-while-vma-is-concurrently-modified
	+++ a/tools/testing/selftests/proc/proc-maps-race.c
	@@ -32,6 +32,8 @@
	#include <stdlib.h>
	#include <string.h>
	#include <unistd.h>
	+#include <linux/fs.h>
	+#include <sys/ioctl.h>
	#include <sys/mman.h>
	#include <sys/stat.h>
	#include <sys/types.h>
	@@ -317,6 +319,25 @@ static bool capture_mod_pattern(FIXTURE_
	strcmp(restored_first_line->text, self->first_line.text) == 0;
	}

	+static bool query_addr_at(int maps_fd, void *addr,
	+ unsigned long vma_start, unsigned long vma_end)
	+{
	+ struct procmap_query q;
	+
	+ memset(&q, 0, sizeof(q));
	+ q.size = sizeof(q);
	+ /* Find the VMA at the split address */
	+ q.query_addr = (unsigned long long)addr;
	+ q.query_flags = 0;
	+ if (ioctl(maps_fd, PROCMAP_QUERY, &q))
	+ return false;
	+
	+ *vma_start = q.vma_start;
	+ *vma_end = q.vma_end;
	+
	+ return true;
	+}
	+
	static inline bool split_vma(FIXTURE_DATA(proc_maps_race) *self)
	{
	return mmap(self->mod_info->addr, self->page_size, self->mod_info->prot \| PROT_EXEC,
	@@ -559,6 +580,8 @@ TEST_F(proc_maps_race, test_maps_tearing
	do {
	bool last_line_changed;
	bool first_line_changed;
	+ unsigned long vma_start;
	+ unsigned long vma_end;

	ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

	@@ -595,6 +618,19 @@ TEST_F(proc_maps_race, test_maps_tearing
	first_line_changed = strcmp(new_first_line.text, self->first_line.text) != 0;
	ASSERT_EQ(last_line_changed, first_line_changed);

	+ /* Check if PROCMAP_QUERY ioclt() finds the right VMA */
	+ ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr + self->page_size,
	+ &vma_start, &vma_end));
	+ /*
	+ * The vma at the split address can be either the same as
	+ * original one (if read before the split) or the same as the
	+ * first line in the second page (if read after the split).
	+ */
	+ ASSERT_TRUE((vma_start == self->last_line.start_addr &&
	+ vma_end == self->last_line.end_addr) \|\|
	+ (vma_start == split_first_line.start_addr &&
	+ vma_end == split_first_line.end_addr));
	+
	clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
	end_test_iteration(&end_ts, self->verbose);
	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
	@@ -636,6 +672,9 @@ TEST_F(proc_maps_race, test_maps_tearing
	clock_gettime(CLOCK_MONOTONIC_COARSE, &start_ts);
	start_test_loop(&start_ts, self->verbose);
	do {
	+ unsigned long vma_start;
	+ unsigned long vma_end;
	+
	ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

	/* Check if we read vmas after shrinking it */
	@@ -662,6 +701,16 @@ TEST_F(proc_maps_race, test_maps_tearing
	"Expand result invalid", self));
	}

	+ /* Check if PROCMAP_QUERY ioclt() finds the right VMA */
	+ ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr, &vma_start, &vma_end));
	+ /*
	+ * The vma should stay at the same address and have either the
	+ * original size of 3 pages or 1 page if read after shrinking.
	+ */
	+ ASSERT_TRUE(vma_start == self->last_line.start_addr &&
	+ (vma_end - vma_start == self->page_size * 3 \|\|
	+ vma_end - vma_start == self->page_size));
	+
	clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
	end_test_iteration(&end_ts, self->verbose);
	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
	@@ -703,6 +752,9 @@ TEST_F(proc_maps_race, test_maps_tearing
	clock_gettime(CLOCK_MONOTONIC_COARSE, &start_ts);
	start_test_loop(&start_ts, self->verbose);
	do {
	+ unsigned long vma_start;
	+ unsigned long vma_end;
	+
	ASSERT_TRUE(read_boundary_lines(self, &new_last_line, &new_first_line));

	/* Check if we read vmas after remapping it */
	@@ -729,6 +781,19 @@ TEST_F(proc_maps_race, test_maps_tearing
	"Remap restore result invalid", self));
	}

	+ /* Check if PROCMAP_QUERY ioclt() finds the right VMA */
	+ ASSERT_TRUE(query_addr_at(self->maps_fd, mod_info->addr + self->page_size,
	+ &vma_start, &vma_end));
	+ /*
	+ * The vma should either stay at the same address and have the
	+ * original size of 3 pages or we should find the remapped vma
	+ * at the remap destination address with size of 1 page.
	+ */
	+ ASSERT_TRUE((vma_start == self->last_line.start_addr &&
	+ vma_end - vma_start == self->page_size * 3) \|\|
	+ (vma_start == self->last_line.start_addr + self->page_size &&
	+ vma_end - vma_start == self->page_size));
	+
	clock_gettime(CLOCK_MONOTONIC_COARSE, &end_ts);
	end_test_iteration(&end_ts, self->verbose);
	} while (end_ts.tv_sec - start_ts.tv_sec < self->duration_sec);
	_