Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp2803659imm;
        Tue, 4 Sep 2018 10:13:50 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdbxSc9/cCiQ7IWKqiATAtUci5KMXwUHN3kaG5zqqdNxBBnK/JSV9LrnwohAW7trQ+OhgVE8
X-Received: by 2002:a62:6781:: with SMTP id t1-v6mr35985967pfj.200.1536081229949;
        Tue, 04 Sep 2018 10:13:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536081229; cv=none;
        d=google.com; s=arc-20160816;
        b=n1/+3Str3sZFsWIXnKj9+RDslo6QbCv31WDgecGM5KWaPJwKAzIh00GUIBoDOkX25h
         CSfjV1lA44o5fZW1ocEpIViyP00Auw1VF1Y/SLPUQ4E8imieEeIaJqgyoNGz7t8KenNF
         totux79Hhhv0XlhKy1+1UGfC61QvtaFdzWsexjWoZehE8fDY612xn8HV3wGykkFmkonS
         AukSIjVueKXoB83CunESqUK7HVPGPl/WJJ6G/Mzipo7Q8hYwZzURFPVlI5Oqok9u13z+
         mObuPV3yG17kx5ERDBAaK2uXM2Hp80GXVNgm9uEL5yTeNj6C6xcIMsewcLw3DbVIV4ht
         6Hsw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:cc:to:subject
         :message-id:date:from:in-reply-to:references:mime-version
         :dkim-signature:arc-authentication-results;
        bh=LNzBG5pGV6EojKq7EBEUw6ktl2I8dAwisfYUZ5sCKXM=;
        b=n/xBcqf9Z9RQT39kMcgE7ElzmxnBOrJyH4/gmZ6gTByfJsdr4Wxy/9TTfdP8d45636
         UKDSlEZVgdeYusAThUEYGNfrl5B12azkNnAyYtYeOr1SNbwVDRB7GNxbQ+Cr4Zzfbiv9
         mTS/BihgRVsy8QgIoUL07/OIH9QNo0IE1kcXBpOjNR1t9Xk2eBjkKMrOamwWpr34JW77
         XFn0Dqs8TZLwDNGZiGrxG4iUeKD4p5viDgw2+nC6VvZlYatG8VvMF0TKSYRxDzWwKYBf
         HyVj/xnYgyRwTet50mEiOu+AnxO9CyUsSRzynAVJFziGt/ePdzg6mdEiAD2L4kjQGUkT
         h/DA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=IAN7WsvD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 91-v6si4507767ple.169.2018.09.04.10.13.33;
        Tue, 04 Sep 2018 10:13:49 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=IAN7WsvD;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727602AbeIDVi0 (ORCPT <rfc822;414256we@gmail.com> + 99 others);
        Tue, 4 Sep 2018 17:38:26 -0400
Received: from mail-io0-f196.google.com ([209.85.223.196]:36898 "EHLO
        mail-io0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726312AbeIDVi0 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 4 Sep 2018 17:38:26 -0400
Received: by mail-io0-f196.google.com with SMTP id v14-v6so3640355iob.4;
        Tue, 04 Sep 2018 10:12:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=LNzBG5pGV6EojKq7EBEUw6ktl2I8dAwisfYUZ5sCKXM=;
        b=IAN7WsvD0VpuKaxWpKRTVKczB+PlCaGAtezELT8O2ol7r9WpspiRldt7nBOSywqJrj
         kfG98rk8hBWw2td0YyHKhF47SL3pHOS7H+ehfKe39QONtK2XbSZONY5txBltFMoEBPYU
         D497vekDYC++LOuhggKBc7BQt97++StuGgRpE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=LNzBG5pGV6EojKq7EBEUw6ktl2I8dAwisfYUZ5sCKXM=;
        b=WSJtgijqhGJ0nDuQz1obAAEBOvizFXJq+fT1QTgXkjbYu0YSX7biNh9UeYp8ZtQti4
         kWuGZNQC/o8LfNOGMFMb+rfPItzL6jGpaWhIR9WP+j0oNuQMHT8Apixht+yBbadQRKg5
         KksfcA2o+r5xNkOP4xQApHWXNzythDp0VA0uOGpXnboS5lN6QRPLXSmE3OEOLlT4bK+T
         +xFiE/kvJJgCPM/SYUMorENSe3mwXkp2rArErM2/y4LCpsEkoOyVWoO9Eg/S01eWNEbA
         jnXeUmkRuj0I3C5it868vSoVibXfRfJkAhwSYU5IXMIBhS+KYcAd/fu7sSb9FirTQrpP
         cuQg==
X-Gm-Message-State: APzg51AHoK2fop5vgwa2DY5GoIAY0siDpGgnUeVzSX3N3Yjc9fqzRiQi
        BrH+R7iQJETtLmmaGcUsElAMTcYCzFWLIDWUlew=
X-Received: by 2002:a6b:97c6:: with SMTP id z189-v6mr23752116iod.120.1536081144698;
 Tue, 04 Sep 2018 10:12:24 -0700 (PDT)
MIME-Version: 1.0
References: <20180903165719.499675257@linuxfoundation.org> <64889a4a-c095-3db8-b496-631acbafcf9a@applied-asynchrony.com>
In-Reply-To: <64889a4a-c095-3db8-b496-631acbafcf9a@applied-asynchrony.com>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Tue, 4 Sep 2018 10:12:13 -0700
Message-ID: <CA+55aFyDZR4SGotsxUA7ahCGCDr+PGnn=_13e_0_W2SnoQbM5w@mail.gmail.com>
Subject: Re: [PATCH 4.18 000/123] 4.18.6-stable review
To:     holger@applied-asynchrony.com
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Guenter Roeck <linux@roeck-us.net>,
        Shuah Khan <shuah@kernel.org>, patches@kernelci.org,
        Ben Hutchings <ben.hutchings@codethink.co.uk>,
        lkft-triage@lists.linaro.org, stable <stable@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Sep 3, 2018 at 11:39 AM Holger Hoffst=C3=A4tte
<holger@applied-asynchrony.com> wrote:
>
> Sep  3 20:19:38 ragnarok kernel:  tlb_flush_mmu_tlbonly+0x76/0xc0
> Sep  3 20:19:38 ragnarok kernel:  tlb_table_flush.part.13+0xe/0x30
> Sep  3 20:19:38 ragnarok kernel:  tlb_flush_mmu_tlbonly+0x54/0xc0
> ..a few hundred times..
> Sep  3 20:19:38 ragnarok kernel:  tlb_table_flush.part.13+0xe/0x30
> Sep  3 20:19:38 ragnarok kernel:  tlb_flush_mmu_tlbonly+0x54/0xc0
> Sep  3 20:19:38 ragnarok kernel:  arch_tlb_finish_mmu+0x3a/0x70
> Sep  3 20:19:38 ragnarok kernel:  tlb_finish_mmu+0x1f/0x30

Yeah, so what seems to have happened is that commit db7ddef30112 ("mm:
move tlb_table_flush to tlb_flush_mmu_free") wasn't applied to the
stable tree (because it wasn't an obvious dependency).

And without that, the backport of d86564a2f085 ("mm/tlb, x86/mm:
Support invalidating TLB caches for RCU_TABLE_FREE") ends up with
recursion from tlb_flush_mmu_tlbonly() calling tlb_table_flush(),
which in turn calls tlb_table_invalidate(), which calls back to
tlb_flush_mmu_tlbonly().

So you have endless recursion - at least until you run out of stack.
Then, if you have VMAP_STACK enabled (x86-64 without KASAN), you get a
nice clean kernel stack overflow message like you did.

Or if you have KASAN enabled and no VMAP stack, you just end up with
random hangs and huge memory corruption as the recursion stomps all
over your memory.

          Linus