From: Linus Torvalds
Date: Sat, 8 Jul 2023 14:18:29 -0700
Subject: Re: [PATCH v2 3/3] fork: lock VMAs of the parent process when forking
To: Suren Baghdasaryan
Cc: akpm@linux-foundation.org, regressions@leemhuis.info, bagasdotme@gmail.com, jacobly.alt@gmail.com, willy@infradead.org, liam.howlett@oracle.com, david@redhat.com, peterx@redhat.com, ldufour@linux.ibm.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, linuxppc-dev@lists.ozlabs.org, linux-arm-kernel@lists.infradead.org, gregkh@linuxfoundation.org, regressions@lists.linux.dev, Jiri Slaby, Holger Hoffstätte, stable@vger.kernel.org
In-Reply-To: <20230708191212.4147700-3-surenb@google.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sat, 8 Jul 2023 at 12:12, Suren Baghdasaryan wrote:
>
>  kernel/fork.c | 1 +
>  1 file changed, 1 insertion(+)

I ended up editing your explanation a lot.

I'm not convinced that the bug has much to do with the delayed tlb
flushing.

I think it's more fundamental than some tlb coherence issue: our VM
copying simply expects to not have any unrelated concurrent page fault
activity, and various random internal data structures simply rely on
that.

I made up an example that I'm not sure is relevant to any of the
particular failures, but that I think is a non-TLB case: the parent
'vma->anon_vma' chain is copied by dup_mmap() in anon_vma_fork(), and
it's possible that the parent vma didn't have any anon_vma associated
with it at that point.

But a concurrent page fault to the same vma - even *before* the page
tables have been copied, and when the TLB is still entirely coherent -
could then cause an anon_vma_prepare() on that parent vma, and
associate one of the pages with that anon-vma.

Then the page table copy happens, and that page gets marked read-only
again, and is added to both the parent and the child vma's, but the
child vma never got associated with the parent's new anon_vma, because
it didn't exist when anon_vma_fork() happened.

Does this ever happen? I have no idea. But it would seem to be an
example that really has nothing to do with any TLB state, and is just
simply "we cannot handle concurrent page faults while we're busy
copying the mm".

Again - maybe I messed up, but it really feels like the missing
vma_start_write() was more fundamental, and not some "TLB coherency"
issue.

Linus