Re: [PATCH v4] hugetlbfs: check for shareable lock before calling huge_pmd_unshare()
From: Oscar Salvador
Date: Mon Oct 13 2025 - 04:09:50 EST
On Wed, Oct 08, 2025 at 10:57:59AM +0530, Deepanshu Kartikey wrote:
> When hugetlb_vmdelete_list() processes VMAs during truncate operations,
> it may encounter VMAs where huge_pmd_unshare() is called without the
> required shareable lock. This triggers an assertion failure in
> hugetlb_vma_assert_locked().
>
> The previous fix in commit dd83609b8898 ("hugetlbfs: skip VMAs without
> shareable locks in hugetlb_vmdelete_list") skipped entire VMAs without
> shareable locks to avoid the assertion. However, this prevented pages
> from being unmapped and freed, causing a regression in fallocate(PUNCH_HOLE)
> operations where pages were not freed immediately, as reported by Mark Brown.
>
> Instead of skipping VMAs or adding new flags, check __vma_shareable_lock()
> directly in __unmap_hugepage_range() right before calling huge_pmd_unshare().
> This ensures PMD unsharing only happens when the VMA has a shareable lock
> structure, while still allowing page unmapping and freeing to proceed for
> all VMAs.
>
> Reported-by: syzbot+f26d7c75c26ec19790e7@xxxxxxxxxxxxxxxxxxxxxxxxx
> Tested-by: syzbot+f26d7c75c26ec19790e7@xxxxxxxxxxxxxxxxxxxxxxxxx
> Reported-by: Mark Brown <broonie@xxxxxxxxxx>
> Fixes: dd83609b8898 ("hugetlbfs: skip VMAs without shareable locks in hugetlb_vmdelete_list")
> Suggested-by: Oscar Salvador <osalvador@xxxxxxx>
> Suggested-by: David Hildenbrand <david@xxxxxxxxxx>
> Link: https://lore.kernel.org/mm-commits/20250925203504.7BE02C4CEF7@xxxxxxxxxxxxxxx/ [v1]
> Link: https://lore.kernel.org/mm-commits/20250928185232.BEDB6C4CEF0@xxxxxxxxxxxxxxx/ [v2]
> Link: https://lore.kernel.org/linux-mm/20251003174553.3078839-1-kartikey406@xxxxxxxxx/ [v3]
> Signed-off-by: Deepanshu Kartikey <kartikey406@xxxxxxxxx>
Acked-by: Oscar Salvador <osalvador@xxxxxxx>
--
Oscar Salvador
SUSE Labs
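
The three behaviours the quoted commit message contrasts, as an added userspace model (not code from the patch, the kernel, or either author). Every type and function name in it is hypothetical, and the two VMAs are constructed sample input.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace model only; all names here are hypothetical, not kernel symbols. */
enum policy { UNGATED, SKIP_VMA, GATE_UNSHARE };

struct model_vma {
    bool shareable_lock;  /* stands in for __vma_shareable_lock(vma) */
    int  mapped_pages;    /* huge pages still mapped in this VMA */
};

struct outcome { int freed; int left_mapped; int assert_hits; };

/* Stand-in for huge_pmd_unshare(): it expects the shareable lock to be held. */
static void model_pmd_unshare(const struct model_vma *vma, bool locked,
                              struct outcome *out)
{
    if (!(vma->shareable_lock && locked))
        out->assert_hits++;  /* where hugetlb_vma_assert_locked() would fire */
}

static void model_unmap(struct model_vma *vma, enum policy p, struct outcome *out)
{
    if (p == SKIP_VMA && !vma->shareable_lock) {
        out->left_mapped += vma->mapped_pages;  /* the PUNCH_HOLE regression */
        return;
    }
    bool locked = vma->shareable_lock;  /* a lock can only be taken if it exists */
    if (p != GATE_UNSHARE || vma->shareable_lock)
        model_pmd_unshare(vma, locked, out);  /* v4 gates only this call */
    out->freed += vma->mapped_pages;          /* unmap and free still proceed */
    vma->mapped_pages = 0;
}

/* Constructed sample: one VMA with a shareable lock, one without. */
static struct outcome run_policy(enum policy p)
{
    struct model_vma vmas[] = { { true, 4 }, { false, 3 } };
    struct outcome out = { 0, 0, 0 };
    for (size_t i = 0; i < sizeof(vmas) / sizeof(vmas[0]); i++)
        model_unmap(&vmas[i], p, &out);
    return out;
}

int main(void)
{
    static const char *names[] = { "ungated", "skip-vma", "gate-unshare" };
    for (int p = UNGATED; p <= GATE_UNSHARE; p++) {
        struct outcome o = run_policy((enum policy)p);
        printf("%-12s freed=%d left_mapped=%d assert_hits=%d\n",
               names[p], o.freed, o.left_mapped, o.assert_hits);
    }
    return 0;
}
```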