CC: [email protected] BCC: [email protected] CC: [email protected] TO: "Liam R. Howlett" <[email protected]> CC: Johannes Weiner <[email protected]> CC: Andrew Morton <[email protected]> CC: Linux Memory Management List <[email protected]>
tree: https://github.com/hnaz/linux-mm master head: bf4803abaa3e9d2fa207c0675a2d2abf0fd44f66 commit: dce94fc7a40fd9b59cb5c56b933b45b978ca85c3 [292/410] mmap: change zeroing of maple tree in __vma_adjust() :::::: branch date: 4 days ago :::::: commit date: 4 days ago config: x86_64-randconfig-m001-20220425 (https://download.01.org/0day-ci/archive/20220501/[email protected]/config) compiler: gcc-11 (Debian 11.2.0-20) 11.2.0 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> Reported-by: Dan Carpenter <[email protected]> smatch warnings: mm/mmap.c:795 __vma_adjust() error: we previously assumed 'next' could be null (see line 786) vim +/next +795 mm/mmap.c ^1da177e4c3f41 Linus Torvalds 2005-04-16 608 ^1da177e4c3f41 Linus Torvalds 2005-04-16 609 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 610 * We cannot adjust vm_start, vm_end, vm_pgoff fields of a vma that ^1da177e4c3f41 Linus Torvalds 2005-04-16 611 * is already present in an i_mmap tree without adjusting the tree. ^1da177e4c3f41 Linus Torvalds 2005-04-16 612 * The following helper function should be used when such adjustments ^1da177e4c3f41 Linus Torvalds 2005-04-16 613 * are necessary. The "insert" vma (if any) is to be inserted ^1da177e4c3f41 Linus Torvalds 2005-04-16 614 * before we drop the necessary locks. ^1da177e4c3f41 Linus Torvalds 2005-04-16 615 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 616 int __vma_adjust(struct vm_area_struct *vma, unsigned long start, e86f15ee64d8ee Andrea Arcangeli 2016-10-07 617 unsigned long end, pgoff_t pgoff, struct vm_area_struct *insert, e86f15ee64d8ee Andrea Arcangeli 2016-10-07 618 struct vm_area_struct *expand) ^1da177e4c3f41 Linus Torvalds 2005-04-16 619 { ^1da177e4c3f41 Linus Torvalds 2005-04-16 620 struct mm_struct *mm = vma->vm_mm; 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 621 struct vm_area_struct *next_next, *next = find_vma(mm, vma->vm_end); 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 622 struct vm_area_struct *orig_vma = vma; ^1da177e4c3f41 Linus Torvalds 2005-04-16 623 struct address_space *mapping = NULL; f808c13fd37389 Davidlohr Bueso 2017-09-08 624 struct rb_root_cached *root = NULL; 012f18004da33b Rik van Riel 2010-08-09 625 struct anon_vma *anon_vma = NULL; ^1da177e4c3f41 Linus Torvalds 2005-04-16 626 struct file *file = vma->vm_file; 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 627 bool vma_changed = false; ^1da177e4c3f41 Linus Torvalds 2005-04-16 628 long adjust_next = 0; ^1da177e4c3f41 Linus Torvalds 2005-04-16 629 int remove_next = 0; f90a08f5f1a502 Liam R. Howlett 2022-04-26 630 MA_STATE(mas, &mm->mm_mt, 0, 0); 734537c9cb725f Kirill A. Shutemov 2016-07-28 631 struct vm_area_struct *exporter = NULL, *importer = NULL; dce94fc7a40fd9 Liam R. Howlett 2022-04-26 632 unsigned long ll_prev = vma->vm_start; /* linked list prev. */ 287d97ac032136 Linus Torvalds 2010-04-10 633 f90a08f5f1a502 Liam R. Howlett 2022-04-26 634 if (next && !insert) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 635 if (end >= next->vm_end) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 636 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 637 * vma expands, overlapping all the next, and ^1da177e4c3f41 Linus Torvalds 2005-04-16 638 * perhaps the one after too (mprotect case 6). 86d12e471d9f15 Andrea Arcangeli 2016-10-07 639 * The only other cases that gets here are e86f15ee64d8ee Andrea Arcangeli 2016-10-07 640 * case 1, case 7 and case 8. e86f15ee64d8ee Andrea Arcangeli 2016-10-07 641 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 642 if (next == expand) { e86f15ee64d8ee Andrea Arcangeli 2016-10-07 643 /* e86f15ee64d8ee Andrea Arcangeli 2016-10-07 644 * The only case where we don't expand "vma" e86f15ee64d8ee Andrea Arcangeli 2016-10-07 645 * and we expand "next" instead is case 8. e86f15ee64d8ee Andrea Arcangeli 2016-10-07 646 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 647 VM_WARN_ON(end != next->vm_end); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 648 /* e86f15ee64d8ee Andrea Arcangeli 2016-10-07 649 * remove_next == 3 means we're e86f15ee64d8ee Andrea Arcangeli 2016-10-07 650 * removing "vma" and that to do so we e86f15ee64d8ee Andrea Arcangeli 2016-10-07 651 * swapped "vma" and "next". e86f15ee64d8ee Andrea Arcangeli 2016-10-07 652 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 653 remove_next = 3; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 654 VM_WARN_ON(file != next->vm_file); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 655 swap(vma, next); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 656 } else { e86f15ee64d8ee Andrea Arcangeli 2016-10-07 657 VM_WARN_ON(expand != vma); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 658 /* e86f15ee64d8ee Andrea Arcangeli 2016-10-07 659 * case 1, 6, 7, remove_next == 2 is case 6, e86f15ee64d8ee Andrea Arcangeli 2016-10-07 660 * remove_next == 1 is case 1 or 7. ^1da177e4c3f41 Linus Torvalds 2005-04-16 661 */ 734537c9cb725f Kirill A. Shutemov 2016-07-28 662 remove_next = 1 + (end > next->vm_end); 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 663 next_next = find_vma(mm, next->vm_end); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 664 VM_WARN_ON(remove_next == 2 && 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 665 end != next_next->vm_end); e86f15ee64d8ee Andrea Arcangeli 2016-10-07 666 /* trim end to next, for case 6 first pass */ ^1da177e4c3f41 Linus Torvalds 2005-04-16 667 end = next->vm_end; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 668 } e86f15ee64d8ee Andrea Arcangeli 2016-10-07 669 287d97ac032136 Linus Torvalds 2010-04-10 670 exporter = next; ^1da177e4c3f41 Linus Torvalds 2005-04-16 671 importer = vma; 734537c9cb725f Kirill A. Shutemov 2016-07-28 672 734537c9cb725f Kirill A. Shutemov 2016-07-28 673 /* 734537c9cb725f Kirill A. Shutemov 2016-07-28 674 * If next doesn't have anon_vma, import from vma after 734537c9cb725f Kirill A. Shutemov 2016-07-28 675 * next, if the vma overlaps with it. 734537c9cb725f Kirill A. Shutemov 2016-07-28 676 */ 97a42cd4398162 Andrea Arcangeli 2016-10-07 677 if (remove_next == 2 && !next->anon_vma) 734537c9cb725f Kirill A. Shutemov 2016-07-28 678 exporter = next->vm_next; 734537c9cb725f Kirill A. Shutemov 2016-07-28 679 ^1da177e4c3f41 Linus Torvalds 2005-04-16 680 } else if (end > next->vm_start) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 681 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 682 * vma expands, overlapping part of the next: ^1da177e4c3f41 Linus Torvalds 2005-04-16 683 * mprotect case 5 shifting the boundary up. ^1da177e4c3f41 Linus Torvalds 2005-04-16 684 */ f9d86a60572295 Wei Yang 2020-10-13 685 adjust_next = (end - next->vm_start); 287d97ac032136 Linus Torvalds 2010-04-10 686 exporter = next; ^1da177e4c3f41 Linus Torvalds 2005-04-16 687 importer = vma; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 688 VM_WARN_ON(expand != importer); ^1da177e4c3f41 Linus Torvalds 2005-04-16 689 } else if (end < vma->vm_end) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 690 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 691 * vma shrinks, and !insert tells it's not ^1da177e4c3f41 Linus Torvalds 2005-04-16 692 * split_vma inserting another: so it must be ^1da177e4c3f41 Linus Torvalds 2005-04-16 693 * mprotect case 4 shifting the boundary down. ^1da177e4c3f41 Linus Torvalds 2005-04-16 694 */ f9d86a60572295 Wei Yang 2020-10-13 695 adjust_next = -(vma->vm_end - end); 287d97ac032136 Linus Torvalds 2010-04-10 696 exporter = vma; ^1da177e4c3f41 Linus Torvalds 2005-04-16 697 importer = next; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 698 VM_WARN_ON(expand != importer); ^1da177e4c3f41 Linus Torvalds 2005-04-16 699 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 700 5beb49305251e5 Rik van Riel 2010-03-05 701 /* 5beb49305251e5 Rik van Riel 2010-03-05 702 * Easily overlooked: when mprotect shifts the boundary, 5beb49305251e5 Rik van Riel 2010-03-05 703 * make sure the expanding vma has anon_vma set if the 5beb49305251e5 Rik van Riel 2010-03-05 704 * shrinking vma had, to cover any anon pages imported. 5beb49305251e5 Rik van Riel 2010-03-05 705 */ 287d97ac032136 Linus Torvalds 2010-04-10 706 if (exporter && exporter->anon_vma && !importer->anon_vma) { c4ea95d7cd08d9 Daniel Forrest 2014-12-02 707 int error; c4ea95d7cd08d9 Daniel Forrest 2014-12-02 708 b800c91a051707 Konstantin Khlebnikov 2015-01-11 709 importer->anon_vma = exporter->anon_vma; c4ea95d7cd08d9 Daniel Forrest 2014-12-02 710 error = anon_vma_clone(importer, exporter); 3fe89b3e2a7bbf Leon Yu 2015-03-25 711 if (error) c4ea95d7cd08d9 Daniel Forrest 2014-12-02 712 return error; b800c91a051707 Konstantin Khlebnikov 2015-01-11 713 } 5beb49305251e5 Rik van Riel 2010-03-05 714 } 734537c9cb725f Kirill A. Shutemov 2016-07-28 715 again: e86f15ee64d8ee Andrea Arcangeli 2016-10-07 716 vma_adjust_trans_huge(orig_vma, start, end, adjust_next); 37f9f5595c26d3 Kirill A. Shutemov 2016-07-26 717 f90a08f5f1a502 Liam R. Howlett 2022-04-26 718 if (mas_preallocate(&mas, vma, GFP_KERNEL)) { f90a08f5f1a502 Liam R. Howlett 2022-04-26 719 if (exporter && exporter->anon_vma) f90a08f5f1a502 Liam R. Howlett 2022-04-26 720 unlink_anon_vmas(importer); f90a08f5f1a502 Liam R. Howlett 2022-04-26 721 return -ENOMEM; f90a08f5f1a502 Liam R. Howlett 2022-04-26 722 } f90a08f5f1a502 Liam R. Howlett 2022-04-26 723 ^1da177e4c3f41 Linus Torvalds 2005-04-16 724 if (file) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 725 mapping = file->f_mapping; ^1da177e4c3f41 Linus Torvalds 2005-04-16 726 root = &mapping->i_mmap; cbc91f71b51b83 Srikar Dronamraju 2012-04-11 727 uprobe_munmap(vma, vma->vm_start, vma->vm_end); 682968e0c425c6 Srikar Dronamraju 2012-03-30 728 682968e0c425c6 Srikar Dronamraju 2012-03-30 729 if (adjust_next) 27ba0644ea9dfe Kirill A. Shutemov 2015-02-10 730 uprobe_munmap(next, next->vm_start, next->vm_end); 682968e0c425c6 Srikar Dronamraju 2012-03-30 731 83cde9e8ba95d1 Davidlohr Bueso 2014-12-12 732 i_mmap_lock_write(mapping); ^1da177e4c3f41 Linus Torvalds 2005-04-16 733 if (insert) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 734 /* 6b2dbba8b6ac4d Michel Lespinasse 2012-10-08 735 * Put into interval tree now, so instantiated pages ^1da177e4c3f41 Linus Torvalds 2005-04-16 736 * are visible to arm/parisc __flush_dcache_page ^1da177e4c3f41 Linus Torvalds 2005-04-16 737 * throughout; but we cannot insert into address ^1da177e4c3f41 Linus Torvalds 2005-04-16 738 * space until vma start or end is updated. ^1da177e4c3f41 Linus Torvalds 2005-04-16 739 */ ^1da177e4c3f41 Linus Torvalds 2005-04-16 740 __vma_link_file(insert); ^1da177e4c3f41 Linus Torvalds 2005-04-16 741 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 742 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 743 012f18004da33b Rik van Riel 2010-08-09 744 anon_vma = vma->anon_vma; bf181b9f9d8dfb Michel Lespinasse 2012-10-08 745 if (!anon_vma && adjust_next) bf181b9f9d8dfb Michel Lespinasse 2012-10-08 746 anon_vma = next->anon_vma; bf181b9f9d8dfb Michel Lespinasse 2012-10-08 747 if (anon_vma) { e86f15ee64d8ee Andrea Arcangeli 2016-10-07 748 VM_WARN_ON(adjust_next && next->anon_vma && e86f15ee64d8ee Andrea Arcangeli 2016-10-07 749 anon_vma != next->anon_vma); 4fc3f1d66b1ef0 Ingo Molnar 2012-12-02 750 anon_vma_lock_write(anon_vma); bf181b9f9d8dfb Michel Lespinasse 2012-10-08 751 anon_vma_interval_tree_pre_update_vma(vma); bf181b9f9d8dfb Michel Lespinasse 2012-10-08 752 if (adjust_next) bf181b9f9d8dfb Michel Lespinasse 2012-10-08 753 anon_vma_interval_tree_pre_update_vma(next); bf181b9f9d8dfb Michel Lespinasse 2012-10-08 754 } 012f18004da33b Rik van Riel 2010-08-09 755 0fc48a6e213ab8 Wei Yang 2020-10-13 756 if (file) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 757 flush_dcache_mmap_lock(mapping); 6b2dbba8b6ac4d Michel Lespinasse 2012-10-08 758 vma_interval_tree_remove(vma, root); ^1da177e4c3f41 Linus Torvalds 2005-04-16 759 if (adjust_next) 6b2dbba8b6ac4d Michel Lespinasse 2012-10-08 760 vma_interval_tree_remove(next, root); ^1da177e4c3f41 Linus Torvalds 2005-04-16 761 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 762 d37371870ceb1d Michel Lespinasse 2012-12-11 763 if (start != vma->vm_start) { dce94fc7a40fd9 Liam R. Howlett 2022-04-26 764 if ((vma->vm_start < start) && dce94fc7a40fd9 Liam R. Howlett 2022-04-26 765 (!insert || (insert->vm_end != start))) { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 766 vma_mt_szero(mm, vma->vm_start, start); dce94fc7a40fd9 Liam R. Howlett 2022-04-26 767 VM_WARN_ON(insert && insert->vm_start > vma->vm_start); dce94fc7a40fd9 Liam R. Howlett 2022-04-26 768 } else { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 769 vma_changed = true; dce94fc7a40fd9 Liam R. Howlett 2022-04-26 770 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 771 vma->vm_start = start; d37371870ceb1d Michel Lespinasse 2012-12-11 772 } d37371870ceb1d Michel Lespinasse 2012-12-11 773 if (end != vma->vm_end) { dce94fc7a40fd9 Liam R. Howlett 2022-04-26 774 if (vma->vm_end > end) { dce94fc7a40fd9 Liam R. Howlett 2022-04-26 775 if (!insert || (insert->vm_start != end)) { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 776 vma_mt_szero(mm, end, vma->vm_end); dce94fc7a40fd9 Liam R. Howlett 2022-04-26 777 VM_WARN_ON(insert && dce94fc7a40fd9 Liam R. Howlett 2022-04-26 778 insert->vm_end < vma->vm_end); dce94fc7a40fd9 Liam R. Howlett 2022-04-26 779 } else if (insert->vm_start == end) { dce94fc7a40fd9 Liam R. Howlett 2022-04-26 780 ll_prev = vma->vm_end; dce94fc7a40fd9 Liam R. Howlett 2022-04-26 781 } dce94fc7a40fd9 Liam R. Howlett 2022-04-26 782 } else { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 783 vma_changed = true; dce94fc7a40fd9 Liam R. Howlett 2022-04-26 784 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 785 vma->vm_end = end; 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 @786 if (!next) 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 787 mm->highest_vm_end = vm_end_gap(vma); d37371870ceb1d Michel Lespinasse 2012-12-11 788 } f90a08f5f1a502 Liam R. Howlett 2022-04-26 789 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 790 if (vma_changed) f90a08f5f1a502 Liam R. Howlett 2022-04-26 791 vma_mas_store(vma, &mas); f90a08f5f1a502 Liam R. Howlett 2022-04-26 792 ^1da177e4c3f41 Linus Torvalds 2005-04-16 793 vma->vm_pgoff = pgoff; ^1da177e4c3f41 Linus Torvalds 2005-04-16 794 if (adjust_next) { f9d86a60572295 Wei Yang 2020-10-13 @795 next->vm_start += adjust_next; f9d86a60572295 Wei Yang 2020-10-13 796 next->vm_pgoff += adjust_next >> PAGE_SHIFT; f90a08f5f1a502 Liam R. Howlett 2022-04-26 797 vma_mas_store(next, &mas); ^1da177e4c3f41 Linus Torvalds 2005-04-16 798 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 799 0fc48a6e213ab8 Wei Yang 2020-10-13 800 if (file) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 801 if (adjust_next) 6b2dbba8b6ac4d Michel Lespinasse 2012-10-08 802 vma_interval_tree_insert(next, root); 6b2dbba8b6ac4d Michel Lespinasse 2012-10-08 803 vma_interval_tree_insert(vma, root); ^1da177e4c3f41 Linus Torvalds 2005-04-16 804 flush_dcache_mmap_unlock(mapping); ^1da177e4c3f41 Linus Torvalds 2005-04-16 805 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 806 ^1da177e4c3f41 Linus Torvalds 2005-04-16 807 if (remove_next) { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 808 __vma_unlink_list(mm, next); 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 809 /* Kill the cache */ 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 810 vmacache_invalidate(mm); ^1da177e4c3f41 Linus Torvalds 2005-04-16 811 if (file) ^1da177e4c3f41 Linus Torvalds 2005-04-16 812 __remove_shared_vm_struct(next, file, mapping); ^1da177e4c3f41 Linus Torvalds 2005-04-16 813 } else if (insert) { ^1da177e4c3f41 Linus Torvalds 2005-04-16 814 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 815 * split_vma has split insert from vma, and needs ^1da177e4c3f41 Linus Torvalds 2005-04-16 816 * us to insert it before dropping the locks ^1da177e4c3f41 Linus Torvalds 2005-04-16 817 * (it may either follow vma or precede it). ^1da177e4c3f41 Linus Torvalds 2005-04-16 818 */ dce94fc7a40fd9 Liam R. Howlett 2022-04-26 819 __insert_vm_struct(mm, &mas, insert, ll_prev); ^1da177e4c3f41 Linus Torvalds 2005-04-16 820 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 821 bf181b9f9d8dfb Michel Lespinasse 2012-10-08 822 if (anon_vma) { bf181b9f9d8dfb Michel Lespinasse 2012-10-08 823 anon_vma_interval_tree_post_update_vma(vma); bf181b9f9d8dfb Michel Lespinasse 2012-10-08 824 if (adjust_next) bf181b9f9d8dfb Michel Lespinasse 2012-10-08 825 anon_vma_interval_tree_post_update_vma(next); 08b52706d50565 Konstantin Khlebnikov 2013-02-22 826 anon_vma_unlock_write(anon_vma); bf181b9f9d8dfb Michel Lespinasse 2012-10-08 827 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 828 0fc48a6e213ab8 Wei Yang 2020-10-13 829 if (file) { 808fbdbea05f1e Wei Yang 2020-10-13 830 i_mmap_unlock_write(mapping); 7b2d81d48a2d8e Ingo Molnar 2012-02-17 831 uprobe_mmap(vma); 2b144498350860 Srikar Dronamraju 2012-02-09 832 2b144498350860 Srikar Dronamraju 2012-02-09 833 if (adjust_next) 7b2d81d48a2d8e Ingo Molnar 2012-02-17 834 uprobe_mmap(next); 2b144498350860 Srikar Dronamraju 2012-02-09 835 } 2b144498350860 Srikar Dronamraju 2012-02-09 836 ^1da177e4c3f41 Linus Torvalds 2005-04-16 837 if (remove_next) { 925d1c401fa6cf Matt Helsley 2008-04-29 838 if (file) { cbc91f71b51b83 Srikar Dronamraju 2012-04-11 839 uprobe_munmap(next, next->vm_start, next->vm_end); ^1da177e4c3f41 Linus Torvalds 2005-04-16 840 fput(file); 925d1c401fa6cf Matt Helsley 2008-04-29 841 } 5beb49305251e5 Rik van Riel 2010-03-05 842 if (next->anon_vma) 5beb49305251e5 Rik van Riel 2010-03-05 843 anon_vma_merge(vma, next); ^1da177e4c3f41 Linus Torvalds 2005-04-16 844 mm->map_count--; 3964acd0dbec12 Oleg Nesterov 2013-07-31 845 mpol_put(vma_policy(next)); 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 846 BUG_ON(vma->vm_end < next->vm_end); 3928d4f5ee37cd Linus Torvalds 2018-07-21 847 vm_area_free(next); 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 848 ^1da177e4c3f41 Linus Torvalds 2005-04-16 849 /* ^1da177e4c3f41 Linus Torvalds 2005-04-16 850 * In mprotect's case 6 (see comments on vma_merge), ^1da177e4c3f41 Linus Torvalds 2005-04-16 851 * we must remove another next too. It would clutter ^1da177e4c3f41 Linus Torvalds 2005-04-16 852 * up the code too much to do both in one go. ^1da177e4c3f41 Linus Torvalds 2005-04-16 853 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 854 if (remove_next != 3) { e86f15ee64d8ee Andrea Arcangeli 2016-10-07 855 /* e86f15ee64d8ee Andrea Arcangeli 2016-10-07 856 * If "next" was removed and vma->vm_end was e86f15ee64d8ee Andrea Arcangeli 2016-10-07 857 * expanded (up) over it, in turn e86f15ee64d8ee Andrea Arcangeli 2016-10-07 858 * "next->vm_prev->vm_end" changed and the e86f15ee64d8ee Andrea Arcangeli 2016-10-07 859 * "vma->vm_next" gap must be updated. e86f15ee64d8ee Andrea Arcangeli 2016-10-07 860 */ 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 861 next = next_next; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 862 } else { e86f15ee64d8ee Andrea Arcangeli 2016-10-07 863 /* e86f15ee64d8ee Andrea Arcangeli 2016-10-07 864 * For the scope of the comment "next" and e86f15ee64d8ee Andrea Arcangeli 2016-10-07 865 * "vma" considered pre-swap(): if "vma" was e86f15ee64d8ee Andrea Arcangeli 2016-10-07 866 * removed, next->vm_start was expanded (down) e86f15ee64d8ee Andrea Arcangeli 2016-10-07 867 * over it and the "next" gap must be updated. e86f15ee64d8ee Andrea Arcangeli 2016-10-07 868 * Because of the swap() the post-swap() "vma" e86f15ee64d8ee Andrea Arcangeli 2016-10-07 869 * actually points to pre-swap() "next" e86f15ee64d8ee Andrea Arcangeli 2016-10-07 870 * (post-swap() "next" as opposed is now a e86f15ee64d8ee Andrea Arcangeli 2016-10-07 871 * dangling pointer). e86f15ee64d8ee Andrea Arcangeli 2016-10-07 872 */ e86f15ee64d8ee Andrea Arcangeli 2016-10-07 873 next = vma; e86f15ee64d8ee Andrea Arcangeli 2016-10-07 874 } 734537c9cb725f Kirill A. Shutemov 2016-07-28 875 if (remove_next == 2) { 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 876 mas_reset(&mas); 734537c9cb725f Kirill A. Shutemov 2016-07-28 877 remove_next = 1; 734537c9cb725f Kirill A. Shutemov 2016-07-28 878 end = next->vm_end; ^1da177e4c3f41 Linus Torvalds 2005-04-16 879 goto again; 48c8a6f751a2c8 Liam R. Howlett 2022-04-26 880 } else if (!next) { fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 881 /* fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 882 * If remove_next == 2 we obviously can't fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 883 * reach this path. fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 884 * fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 885 * If remove_next == 3 we can't reach this fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 886 * path because pre-swap() next is always not fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 887 * NULL. pre-swap() "next" is not being fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 888 * removed and its next->vm_end is not altered fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 889 * (and furthermore "end" already matches fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 890 * next->vm_end in remove_next == 3). fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 891 * fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 892 * We reach this only in the remove_next == 1 fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 893 * case if the "next" vma that was removed was fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 894 * the highest vma of the mm. However in such fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 895 * case next->vm_end == "end" and the extended fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 896 * "vma" has vma->vm_end == next->vm_end so fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 897 * mm->highest_vm_end doesn't need any update fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 898 * in remove_next == 1 case. fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 899 */ 1be7107fbe18ee Hugh Dickins 2017-06-19 900 VM_WARN_ON(mm->highest_vm_end != vm_end_gap(vma)); fb8c41e9ad1f35 Andrea Arcangeli 2016-10-07 901 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 902 } 2b144498350860 Srikar Dronamraju 2012-02-09 903 if (insert && file) 7b2d81d48a2d8e Ingo Molnar 2012-02-17 904 uprobe_mmap(insert); ^1da177e4c3f41 Linus Torvalds 2005-04-16 905 ^1da177e4c3f41 Linus Torvalds 2005-04-16 906 validate_mm(mm); 5beb49305251e5 Rik van Riel 2010-03-05 907 return 0; ^1da177e4c3f41 Linus Torvalds 2005-04-16 908 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 909 :::::: The code at line 795 was first introduced by commit :::::: f9d86a60572295ebb53c87a4305dc89b487711bd mm/mmap: leave adjust_next as virtual address instead of page frame number :::::: TO: Wei Yang <[email protected]> :::::: CC: Linus Torvalds <[email protected]> -- 0-DAY CI Kernel Test Service https://01.org/lkp _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
