Re: [PATCH v2] mm/pagewalk: fix race between concurrent split and refault

Next message: Gao Xiang: "[GIT PULL] erofs fixes for 7.0-rc6"
Previous message: Gavin Shan: "Re: [PATCH v13 00/48] arm64: Support for Arm CCA in KVM"
In reply to: Lorenzo Stoakes (Oracle): "Re: [PATCH v2] mm/pagewalk: fix race between concurrent split and refault"
Next in thread: David Hildenbrand (Arm): "Re: [PATCH v2] mm/pagewalk: fix race between concurrent split and refault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Andrew Morton

Date: Wed Mar 25 2026 - 20:50:42 EST

On Wed, 25 Mar 2026 10:59:16 +0100 Max Boone via B4 Relay <devnull+mboone.akamai.com@xxxxxxxxxx> wrote:

> The splitting of a PUD entry in walk_pud_range() can race with
> a concurrent thread refaulting the PUD leaf entry causing it to
> try walking a PMD range that has disappeared.
>
> An example and reproduction of this is to try reading numa_maps of
> a process while VFIO-PCI is setting up DMA (specifically the
> vfio_pin_pages_remote call) on a large BAR for that process.
>
> This will trigger a kernel BUG:
> vfio-pci 0000:03:00.0: enabling device (0000 -> 0002)
> BUG: unable to handle page fault for address: ffffa23980000000
> PGD 0 P4D 0
> Oops: Oops: 0000 [#1] SMP NOPTI

Thanks, updated.

AI review has a couple of questions:
https://sashiko.dev/#/patchset/20260317-pagewalk-check-pmd-refault-v1-1-f699a010f2b3%40akamai.com

It flagged the same things against the v1 patch - maybe nobody checked?