Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by
establishing a new VMA, or via merge) as implemented in __mmap_complete()
and do_brk_flags().
However, when performing a merge of existing mappings such as when
performing mprotect(), we may lose the VM_SOFTDIRTY flag.
This is because currently we simply ignore VM_SOFTDIRTY for the purposes of
merge, so one VMA may possess the flag and another not, and whichever
happens to be the target VMA will be the one upon which the merge is
performed which may or may not have VM_SOFTDIRTY set.
Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one
which solves this issue.
Additionally update VMA userland tests to propagate changes.
Suggested-by: Vlastimil Babka <vbabka@suse.cz>
Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
---
include/linux/mm.h | 23 +++++++++++------------
tools/testing/vma/vma_internal.h | 23 +++++++++++------------
2 files changed, 22 insertions(+), 24 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index 43eec43da66a..fd9eeff07eb5 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -532,29 +532,28 @@ extern unsigned int kobjsize(const void *objp);
* possesses it but the other does not, the merged VMA should nonetheless have
* applied to it:
*
+ * VM_SOFTDIRTY - if a VMA is marked soft-dirty, that is has not had its
+ * references cleared via /proc/$pid/clear_refs, any merged VMA
+ * should be considered soft-dirty also as it operates at a VMA
+ * granularity.
+ *
* VM_MAYBE_GUARD - If a VMA may have guard regions in place it implies that
* mapped page tables may contain metadata not described by the
* VMA and thus any merged VMA may also contain this metadata,
* and thus we must make this flag sticky.
*/
-#define VM_STICKY VM_MAYBE_GUARD
+#define VM_STICKY (VM_SOFTDIRTY | VM_MAYBE_GUARD)
/*
* VMA flags we ignore for the purposes of merge, i.e. one VMA possessing one
* of these flags and the other not does not preclude a merge.
*
- * VM_SOFTDIRTY - Should not prevent from VMA merging, if we match the flags but
- * dirty bit -- the caller should mark merged VMA as dirty. If
- * dirty bit won't be excluded from comparison, we increase
- * pressure on the memory system forcing the kernel to generate
- * new VMAs when old one could be extended instead.
- *
- * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones
- * which should propagate to all VMAs, but the other does not,
- * the merge should still proceed with the merge logic applying
- * sticky flags to the final VMA.
+ * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones
+ * which should propagate to all VMAs, but the other does not,
+ * the merge should still proceed with the merge logic applying
+ * sticky flags to the final VMA.
*/
-#define VM_IGNORE_MERGE (VM_SOFTDIRTY | VM_STICKY)
+#define VM_IGNORE_MERGE VM_STICKY
/*
* Flags which should result in page tables being copied on fork. These are
diff --git a/tools/testing/vma/vma_internal.h b/tools/testing/vma/vma_internal.h
index bd6352a5f24d..10f46a95a73a 100644
--- a/tools/testing/vma/vma_internal.h
+++ b/tools/testing/vma/vma_internal.h
@@ -122,29 +122,28 @@ extern unsigned long dac_mmap_min_addr;
* possesses it but the other does not, the merged VMA should nonetheless have
* applied to it:
*
+ * VM_SOFTDIRTY - if a VMA is marked soft-dirty, that is has not had its
+ * references cleared via /proc/$pid/clear_refs, any merged VMA
+ * should be considered soft-dirty also as it operates at a VMA
+ * granularity.
+ *
* VM_MAYBE_GUARD - If a VMA may have guard regions in place it implies that
* mapped page tables may contain metadata not described by the
* VMA and thus any merged VMA may also contain this metadata,
* and thus we must make this flag sticky.
*/
-#define VM_STICKY VM_MAYBE_GUARD
+#define VM_STICKY (VM_SOFTDIRTY | VM_MAYBE_GUARD)
/*
* VMA flags we ignore for the purposes of merge, i.e. one VMA possessing one
* of these flags and the other not does not preclude a merge.
*
- * VM_SOFTDIRTY - Should not prevent from VMA merging, if we match the flags but
- * dirty bit -- the caller should mark merged VMA as dirty. If
- * dirty bit won't be excluded from comparison, we increase
- * pressure on the memory system forcing the kernel to generate
- * new VMAs when old one could be extended instead.
- *
- * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones
- * which should propagate to all VMAs, but the other does not,
- * the merge should still proceed with the merge logic applying
- * sticky flags to the final VMA.
+ * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones
+ * which should propagate to all VMAs, but the other does not,
+ * the merge should still proceed with the merge logic applying
+ * sticky flags to the final VMA.
*/
-#define VM_IGNORE_MERGE (VM_SOFTDIRTY | VM_STICKY)
+#define VM_IGNORE_MERGE VM_STICKY
/*
* Flags which should result in page tables being copied on fork. These are
--
2.51.0* Lorenzo Stoakes <lorenzo.stoakes@oracle.com> [251114 12:53]: > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > establishing a new VMA, or via merge) as implemented in __mmap_complete() > and do_brk_flags(). > > However, when performing a merge of existing mappings such as when > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > merge, so one VMA may possess the flag and another not, and whichever > happens to be the target VMA will be the one upon which the merge is > performed which may or may not have VM_SOFTDIRTY set. > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > which solves this issue. > > Additionally update VMA userland tests to propagate changes. > Nit below on the comment, but looks good. Reviewed-by: Liam R. Howlett <Liam.Howlett@oracle.com> > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > --- > include/linux/mm.h | 23 +++++++++++------------ > tools/testing/vma/vma_internal.h | 23 +++++++++++------------ > 2 files changed, 22 insertions(+), 24 deletions(-) > > diff --git a/include/linux/mm.h b/include/linux/mm.h > index 43eec43da66a..fd9eeff07eb5 100644 > --- a/include/linux/mm.h > +++ b/include/linux/mm.h > @@ -532,29 +532,28 @@ extern unsigned int kobjsize(const void *objp); > * possesses it but the other does not, the merged VMA should nonetheless have > * applied to it: > * > + * VM_SOFTDIRTY - if a VMA is marked soft-dirty, that is has not had its > + * references cleared via /proc/$pid/clear_refs, any merged VMA > + * should be considered soft-dirty also as it operates at a VMA > + * granularity. > + * > * VM_MAYBE_GUARD - If a VMA may have guard regions in place it implies that > * mapped page tables may contain metadata not described by the > * VMA and thus any merged VMA may also contain this metadata, > * and thus we must make this flag sticky. > */ > -#define VM_STICKY VM_MAYBE_GUARD > +#define VM_STICKY (VM_SOFTDIRTY | VM_MAYBE_GUARD) > > /* > * VMA flags we ignore for the purposes of merge, i.e. one VMA possessing one > * of these flags and the other not does not preclude a merge. > * > - * VM_SOFTDIRTY - Should not prevent from VMA merging, if we match the flags but > - * dirty bit -- the caller should mark merged VMA as dirty. If > - * dirty bit won't be excluded from comparison, we increase > - * pressure on the memory system forcing the kernel to generate > - * new VMAs when old one could be extended instead. > - * > - * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > - * which should propagate to all VMAs, but the other does not, > - * the merge should still proceed with the merge logic applying > - * sticky flags to the final VMA. > + * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > + * which should propagate to all VMAs, but the other does not, > + * the merge should still proceed with the merge logic applying > + * sticky flags to the final VMA. Nit, could we also fix the wording of this comment when you are fixing the spacing? > */ > -#define VM_IGNORE_MERGE (VM_SOFTDIRTY | VM_STICKY) > +#define VM_IGNORE_MERGE VM_STICKY I also like keeping this for self-documenting code. Thanks, Liam
On Fri, Nov 14, 2025 at 05:53:18PM +0000, Lorenzo Stoakes wrote: > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > establishing a new VMA, or via merge) as implemented in __mmap_complete() > and do_brk_flags(). > > However, when performing a merge of existing mappings such as when > performing mprotect(), we may lose the VM_SOFTDIRTY flag. Does it make sense to backport this to stable? A more minimal version, that is. > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > merge, so one VMA may possess the flag and another not, and whichever > happens to be the target VMA will be the one upon which the merge is > performed which may or may not have VM_SOFTDIRTY set. > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > which solves this issue. > > Additionally update VMA userland tests to propagate changes. > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> Reviewed-by: Pedro Falcato <pfalcato@suse.de> -- Pedro
On Mon, Nov 17, 2025 at 03:47:51PM +0000, Pedro Falcato wrote: > On Fri, Nov 14, 2025 at 05:53:18PM +0000, Lorenzo Stoakes wrote: > > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > > establishing a new VMA, or via merge) as implemented in __mmap_complete() > > and do_brk_flags(). > > > > However, when performing a merge of existing mappings such as when > > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > Does it make sense to backport this to stable? A more minimal version, that is. No :) This has been subtly broken since forever. I don't think it warrants that and it'd require significant and risky changes to older kernels to even make it possible. It's more a biproduct of features added so let's fix this going forward. > > > > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > > merge, so one VMA may possess the flag and another not, and whichever > > happens to be the target VMA will be the one upon which the merge is > > performed which may or may not have VM_SOFTDIRTY set. > > > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > > which solves this issue. > > > > Additionally update VMA userland tests to propagate changes. > > > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > > Reviewed-by: Pedro Falcato <pfalcato@suse.de> Thanks! > > -- > Pedro Cheers, Lorenzo
On 14.11.25 18:53, Lorenzo Stoakes wrote: > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > establishing a new VMA, or via merge) as implemented in __mmap_complete() > and do_brk_flags(). > > However, when performing a merge of existing mappings such as when > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > merge, so one VMA may possess the flag and another not, and whichever > happens to be the target VMA will be the one upon which the merge is > performed which may or may not have VM_SOFTDIRTY set. > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > which solves this issue. > > Additionally update VMA userland tests to propagate changes. > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > --- Looks reasonable to me. I thought that we had that behavior in the past ... but I also remember scenarios where we would have imprecise soft-dirty handling. So I assume this was semi-broken for a while (soft-broken :) ) Acked-by: David Hildenbrand (Red Hat) <david@kernel.org> -- Cheers David
On Mon, Nov 17, 2025 at 03:25:05PM +0100, David Hildenbrand (Red Hat) wrote: > On 14.11.25 18:53, Lorenzo Stoakes wrote: > > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > > establishing a new VMA, or via merge) as implemented in __mmap_complete() > > and do_brk_flags(). > > > > However, when performing a merge of existing mappings such as when > > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > > merge, so one VMA may possess the flag and another not, and whichever > > happens to be the target VMA will be the one upon which the merge is > > performed which may or may not have VM_SOFTDIRTY set. > > > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > > which solves this issue. > > > > Additionally update VMA userland tests to propagate changes. > > > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > > --- > > Looks reasonable to me. I thought that we had that behavior in the past ... > but I also remember scenarios where we would have imprecise soft-dirty > handling. So I assume this was semi-broken for a while (soft-broken :) ) :)) Yeah it's only specific merge scenarios, and only when you e.g. already cleared refs then mapped a new VMA and it happened to merge. Nicer thing about this change is we stop treating VM_SOFTDIRTY like an exception on merge :) > > Acked-by: David Hildenbrand (Red Hat) <david@kernel.org> Cheers! > > -- > Cheers > > David
On 14/11/25 11:23 PM, Lorenzo Stoakes wrote: > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > establishing a new VMA, or via merge) as implemented in __mmap_complete() > and do_brk_flags(). > > However, when performing a merge of existing mappings such as when > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > merge, so one VMA may possess the flag and another not, and whichever > happens to be the target VMA will be the one upon which the merge is > performed which may or may not have VM_SOFTDIRTY set. > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > which solves this issue. > > Additionally update VMA userland tests to propagate changes. > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > --- > include/linux/mm.h | 23 +++++++++++------------ > tools/testing/vma/vma_internal.h | 23 +++++++++++------------ > 2 files changed, 22 insertions(+), 24 deletions(-) > > diff --git a/include/linux/mm.h b/include/linux/mm.h > index 43eec43da66a..fd9eeff07eb5 100644 > --- a/include/linux/mm.h > +++ b/include/linux/mm.h > @@ -532,29 +532,28 @@ extern unsigned int kobjsize(const void *objp); > * possesses it but the other does not, the merged VMA should nonetheless have > * applied to it: > * > + * VM_SOFTDIRTY - if a VMA is marked soft-dirty, that is has not had its > + * references cleared via /proc/$pid/clear_refs, any merged VMA > + * should be considered soft-dirty also as it operates at a VMA > + * granularity. > + * > * VM_MAYBE_GUARD - If a VMA may have guard regions in place it implies that > * mapped page tables may contain metadata not described by the > * VMA and thus any merged VMA may also contain this metadata, > * and thus we must make this flag sticky. > */ > -#define VM_STICKY VM_MAYBE_GUARD > +#define VM_STICKY (VM_SOFTDIRTY | VM_MAYBE_GUARD) > > /* > * VMA flags we ignore for the purposes of merge, i.e. one VMA possessing one > * of these flags and the other not does not preclude a merge. > * > - * VM_SOFTDIRTY - Should not prevent from VMA merging, if we match the flags but > - * dirty bit -- the caller should mark merged VMA as dirty. If > - * dirty bit won't be excluded from comparison, we increase > - * pressure on the memory system forcing the kernel to generate > - * new VMAs when old one could be extended instead. > - * > - * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > - * which should propagate to all VMAs, but the other does not, > - * the merge should still proceed with the merge logic applying > - * sticky flags to the final VMA. > + * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > + * which should propagate to all VMAs, but the other does not, > + * the merge should still proceed with the merge logic applying > + * sticky flags to the final VMA. > */ > -#define VM_IGNORE_MERGE (VM_SOFTDIRTY | VM_STICKY) > +#define VM_IGNORE_MERGE VM_STICKY Logically VM_STICKY should be the only flag qualifying for VM_IGNORE_MERGE. In that case should not VM_IGNORE_MERGE flag be dropped all together ?
On Mon, Nov 17, 2025 at 10:09:37AM +0530, Anshuman Khandual wrote: > > > On 14/11/25 11:23 PM, Lorenzo Stoakes wrote: > > Currently we set VM_SOFTDIRTY when a new mapping is set up (whether by > > establishing a new VMA, or via merge) as implemented in __mmap_complete() > > and do_brk_flags(). > > > > However, when performing a merge of existing mappings such as when > > performing mprotect(), we may lose the VM_SOFTDIRTY flag. > > > > This is because currently we simply ignore VM_SOFTDIRTY for the purposes of > > merge, so one VMA may possess the flag and another not, and whichever > > happens to be the target VMA will be the one upon which the merge is > > performed which may or may not have VM_SOFTDIRTY set. > > > > Now we have the concept of 'sticky' VMA flags, let's make VM_SOFTDIRTY one > > which solves this issue. > > > > Additionally update VMA userland tests to propagate changes. > > > > Suggested-by: Vlastimil Babka <vbabka@suse.cz> > > Signed-off-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> > > --- > > include/linux/mm.h | 23 +++++++++++------------ > > tools/testing/vma/vma_internal.h | 23 +++++++++++------------ > > 2 files changed, 22 insertions(+), 24 deletions(-) > > > > diff --git a/include/linux/mm.h b/include/linux/mm.h > > index 43eec43da66a..fd9eeff07eb5 100644 > > --- a/include/linux/mm.h > > +++ b/include/linux/mm.h > > @@ -532,29 +532,28 @@ extern unsigned int kobjsize(const void *objp); > > * possesses it but the other does not, the merged VMA should nonetheless have > > * applied to it: > > * > > + * VM_SOFTDIRTY - if a VMA is marked soft-dirty, that is has not had its > > + * references cleared via /proc/$pid/clear_refs, any merged VMA > > + * should be considered soft-dirty also as it operates at a VMA > > + * granularity. > > + * > > * VM_MAYBE_GUARD - If a VMA may have guard regions in place it implies that > > * mapped page tables may contain metadata not described by the > > * VMA and thus any merged VMA may also contain this metadata, > > * and thus we must make this flag sticky. > > */ > > -#define VM_STICKY VM_MAYBE_GUARD > > +#define VM_STICKY (VM_SOFTDIRTY | VM_MAYBE_GUARD) > > > > /* > > * VMA flags we ignore for the purposes of merge, i.e. one VMA possessing one > > * of these flags and the other not does not preclude a merge. > > * > > - * VM_SOFTDIRTY - Should not prevent from VMA merging, if we match the flags but > > - * dirty bit -- the caller should mark merged VMA as dirty. If > > - * dirty bit won't be excluded from comparison, we increase > > - * pressure on the memory system forcing the kernel to generate > > - * new VMAs when old one could be extended instead. > > - * > > - * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > > - * which should propagate to all VMAs, but the other does not, > > - * the merge should still proceed with the merge logic applying > > - * sticky flags to the final VMA. > > + * VM_STICKY - If one VMA has flags which most be 'sticky', that is ones > > + * which should propagate to all VMAs, but the other does not, > > + * the merge should still proceed with the merge logic applying > > + * sticky flags to the final VMA. > > */ > > -#define VM_IGNORE_MERGE (VM_SOFTDIRTY | VM_STICKY) > > +#define VM_IGNORE_MERGE VM_STICKY > > Logically VM_STICKY should be the only flag qualifying for VM_IGNORE_MERGE. In that > case should not VM_IGNORE_MERGE flag be dropped all together ? I intentionally kept it to be explicit. This is self-documenting as-is.
© 2016 - 2026 Red Hat, Inc.