Re: [PATCH v8 14/21] mm/mmap: Avoid zeroing vma tree in mmap_region()

From: Lorenzo Stoakes
Date: Wed Oct 02 2024 - 09:23:53 EST


On Wed, Oct 02, 2024 at 01:13:16PM GMT, Lorenzo Stoakes wrote:
> On Tue, Oct 01, 2024 at 04:34:00AM GMT, Bert Karwatzki wrote:
> > I just noticed (via a bisect between v6.11 and v6.12-rc1) that this patch
> > (commit f8d112a4e657 in linux-next tree) leads to a severe memory corruption
> > error under these (rather rare) circumstances:
> > 1. Start a 32bit windows game via steam (which uses proton, steam's version of wine)
> > 2. When starting the game, the proton version used has to be updated
> >
> > The effect is the following: The updating process of proton hangs and the game does
> > not start, and even after an exit from steam two processes remain, one of them at
> > 100% CPU:
> > $ ps aux | grep rundll
> > bert 222638 1.7 0.1 2054868 87492 ? Ss 23:14 0:01 C:\windows\syswow64\rundll32.exe setupapi,InstallHinfSection Wow64Install 128 \\?\Z:\mnt\data\.steam\debian-installation\steamapps\common\Proton - Experimental\files\share\wine\wine.inf
> > bert 222639 99.8 0.0 2054868 2380 ? R 23:14 1:01 C:\windows\syswow64\rundll32.exe setupapi,InstallHinfSection Wow64Install 128 \\?\Z:\mnt\data\.steam\debian-installation\steamapps\common\Proton - Experimental\files\share\wine\wine.inf
> >
> > When trying to kill those processes with "killall rundll32.exe", these errors happen:
>
> [snip]
>
> Starting a new thread because lei is totally breaking with all these dmesg
> logs and I'm struggling to be able to reply correctly.
>
> Sorry to make it hard to follow everyone but there we go.
>
> I have tried to recreate the exact series of anon mappings and it is not
> triggering for me, so unfortunately I'm going to have to ask you to try
> something else.
>
> This does sort of hint at it being maybe an unusual code path with a file
> set (possibly...) - could you try the below patch on fresh next 1st oct?
>
> You can grep the dmesg for 'LJS' and just provide that if it triggers,
> mostly I want to see if this (unusual) code path triggers. There shouldn't
> be any spamming.
>
> Thanks!
>

[snip]

Ugh, trying this locally and trying to repro now (and not succeeding,
unfortunately), I realise that this _does_ spam because apparently it's very
common with steam to be call_mmap()'ing things into VM_PFNMAP (who knew).

Can you try this instead? Thanks!

----8<----