From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6A409E77184 for ; Thu, 19 Dec 2024 09:13:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7C8F86B0082; Thu, 19 Dec 2024 04:13:46 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 778726B0083; Thu, 19 Dec 2024 04:13:46 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 63F776B0085; Thu, 19 Dec 2024 04:13:46 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 469636B0082 for ; Thu, 19 Dec 2024 04:13:46 -0500 (EST) Received: from smtpin26.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id AAAEB141530 for ; Thu, 19 Dec 2024 09:13:45 +0000 (UTC) X-FDA: 82911145044.26.7B996F6 Received: from desiato.infradead.org (desiato.infradead.org [90.155.92.199]) by imf11.hostedemail.com (Postfix) with ESMTP id CB1AE40010 for ; Thu, 19 Dec 2024 09:13:13 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=infradead.org header.s=desiato.20200630 header.b=aZVDbp1X; spf=none (imf11.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.92.199) smtp.mailfrom=peterz@infradead.org; dmarc=none ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1734599593; a=rsa-sha256; cv=none; b=L6SLjWm+Ti6j2D4N+FK7y2A2G0TsfMBMtkdytv1ZuLSCbF+hYMA+Icdha3We1F+jw0O5Uo yxhduE6n63kl8jZg+LKkJYmLDqc/NXUjkc1R5k69T9bjiZO5OgRrBW8HlCifU/Tnq1Qjfw 52G0JYMlkHNejNXVR+nEh5v3Vs/5I6c= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=infradead.org header.s=desiato.20200630 header.b=aZVDbp1X; spf=none (imf11.hostedemail.com: domain of peterz@infradead.org has no SPF policy when checking 90.155.92.199) smtp.mailfrom=peterz@infradead.org; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1734599593; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=xFCcOBb9eMvxc6GhECSeXMy/EsYjD7GWOE/6oJ0KceQ=; b=7EfZ1qHzQvEmgVJ4lKPSx+AnGS2ppKC49NYIhgVjAsfzfqOI+It+sLZToSHMvLbudndyvm WVP2UZmU2kg7M8FGxQ4uwRbOOu9xp7MtxE2n0JIHwMSiRQnRCMVxJahS4MZUVXeNUQAf88 Un5oHq2JoPgFpcFUIx/iXAspPZNMquY= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=desiato.20200630; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=xFCcOBb9eMvxc6GhECSeXMy/EsYjD7GWOE/6oJ0KceQ=; b=aZVDbp1XznBHq/27DPPV1JJSG8 pBTAOiceVhuJuQsZKbQJ8OV3W4pEu7UqSjVRRjF6ZFkVm5d/GAjPNHaxM7wrZLKYWJhngcb2Zrd6q QeqFXdclPgtqYGjPYn+Fz37yE80/ibO5MH5PRld/ivlIu4Thqc/D+Nc8O6Ajb8p8YDd8WmmVGcrZR e5YSZx6Vl/0GtGKDp594inX58sMQMkXZ/3CWFySF65fzR1dLIrNDLsvYBEOnRlcP0ih3dWgEM/9eP AYqxoLXQqaOIhkMW+KVRBW3LPoqaGmy9QwXCI0+EkCg288FPzGEjWQL8zV2U/ihxDmZaB99HAr/mO pC0Ulvrg==; Received: from 77-249-17-89.cable.dynamic.v4.ziggo.nl ([77.249.17.89] helo=noisy.programming.kicks-ass.net) by desiato.infradead.org with esmtpsa (Exim 4.98 #2 (Red Hat Linux)) id 1tOCb8-00000005Q3z-3i8w; Thu, 19 Dec 2024 09:13:35 +0000 Received: by noisy.programming.kicks-ass.net (Postfix, from userid 1000) id 6DFE03003FF; Thu, 19 Dec 2024 10:13:34 +0100 (CET) Date: Thu, 19 Dec 2024 10:13:34 +0100 From: Peter Zijlstra To: Suren Baghdasaryan Cc: "Liam R. Howlett" , akpm@linux-foundation.org, willy@infradead.org, lorenzo.stoakes@oracle.com, mhocko@suse.com, vbabka@suse.cz, hannes@cmpxchg.org, mjguzik@gmail.com, oliver.sang@intel.com, mgorman@techsingularity.net, david@redhat.com, peterx@redhat.com, oleg@redhat.com, dave@stgolabs.net, paulmck@kernel.org, brauner@kernel.org, dhowells@redhat.com, hdanton@sina.com, hughd@google.com, lokeshgidra@google.com, minchan@google.com, jannh@google.com, shakeel.butt@linux.dev, souravpanda@google.com, pasha.tatashin@soleen.com, klarasmodin@gmail.com, corbet@lwn.net, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, kernel-team@android.com Subject: Re: [PATCH v6 10/16] mm: replace vm_lock and detached flag with a reference count Message-ID: <20241219091334.GC26551@noisy.programming.kicks-ass.net> References: <20241218174428.GQ2354@noisy.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: CB1AE40010 X-Stat-Signature: do45rr7kzmnwaf8rj456r3h3ypbtqwb3 X-Rspam-User: X-Rspamd-Server: rspam09 X-HE-Tag: 1734599593-415713 X-HE-Meta: U2FsdGVkX1+kq8Mspv7SXBuDoZktBp+RhLlsq2kfc3S2cqRAevRrqOZmfmm4qwNHzG7Z2uE330PJM7/6L+vGuOgq5nkXgUII3p+cKadfjaYjkMV+182/CUyhGekZgRVHCtopbEKxuFhQAjM4pjrTiqVRJ40Ouon5Otx8jqIsJQ9e+QldM0jdc8dpAn20UaitSlnZR3UZrdthCzkZmnZo8Fb30d13UJ2QYoIrHJsVDUzyBcZwo16vK2apW8JlwG4KP/7EuAZCTxZ9ATLTkly8pHvCNiqhGyzSggZJwNiO85yUQZeO7MG6F/tu9n5jmPyTXgttT1foFfYnhbfz9exHi53UABgHNe+k4Nfrc32bdT6/Rc33eJ5tBqKvklljjpl8hSxwdnQVBIdEKyoRUhiksPqX8SWXJKVDSokPRI0N6Fbz4OsJE9Fa3kmzarvE7dMC6YN2zTA5+V5r9UkxrT+u1z3CXu99HcHMFr503C8lfmVrw6MQ2nCgYJ5899UTXbia2N400FDFUiULOeBtdPEpzspF3Y0i9OBG4w86Cd9flC8WK86d5ErwPW2MNhY+9Pe+RxRVHBlm9eMBqsXnOvA2ay39QCnxXrtvbLy6onm926dx8BcpcaT2MCz+IbzEGbPfAo7xENlZPdPWATdmVomuOwqUhAkBmKRNpAHMKxcr67it4OL73i96ZxEfSXg9fmJK6jzKKTpekppwDCWwwQVZnFNLj32dj08mMRSSkDdYGDDoQHt23Vr7jzQZcDrWmmlByYVavHzEJOB17Bnh/QV5W7I66Z/fJogwzYTyWf3tkq18vTHpOzFOdq6iQ2zSLMNdiCrCm44q6cOBaycDE1/LlBwEPRpMdJL/oqq0Ysj4YAWktD8KXIsWXM6OflP1Suqff3K8AwelvUds+Gwj8GOU7IdMBkui1KaeUP7UZSzC1W79/8TNxZ4GZipLtfHfOjlqXOOb2cYdlk4dQsf/8nN VkuhgoQE jG0bH9txwZavXy/VbVxU/41DuS5Dqcwt73rFp8eEKUO/D8szc/jF+SBhmevrpEdpoXUq7iQNy49A2H7egJ0THh5674x0WWPn7dhVP1epkZABcjQxPwGJuQJTCBJ+Wq2M31k4mrkwOxBJ8R4gP4OLKJ1DtX7SA+qQHA2etx8I7fvt0T/s5+uMpaq1y+gQzIm24LIOlLFN7yYYQrXqruFJskhEV/7Ex4S/HjBESJkZasd4UlsWEHiU1WuniJg== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Dec 18, 2024 at 01:53:17PM -0800, Suren Baghdasaryan wrote: > Ah, ok I see now. I completely misunderstood what for_each_vma_range() > was doing. > > Then I think vma_start_write() should remain inside > vms_gather_munmap_vmas() and all vmas in mas_detach should be No, it must not. You really are not modifying anything yet (except the split, which we've already noted mark write themselves). > write-locked, even the ones we are not modifying. Otherwise what would > prevent the race I mentioned before? > > __mmap_region > __mmap_prepare > vms_gather_munmap_vmas // adds vmas to be unmapped into mas_detach, > // some locked > by __split_vma(), some not locked > > lock_vma_under_rcu() > vma = mas_walk // finds > unlocked vma also in mas_detach > vma_start_read(vma) // > succeeds since vma is not locked > // vma->detached, vm_start, > vm_end checks pass > // vma is successfully read-locked > > vms_clean_up_area(mas_detach) > vms_clear_ptes > // steps on a cleared PTE So here we have the added complexity that the vma is not unhooked at all. Is there anything that would prevent a concurrent gup_fast() from doing the same -- touch a cleared PTE? AFAICT two threads, one doing overlapping mmap() and the other doing gup_fast() can result in exactly this scenario. If we don't care about the GUP case, when I'm thinking we should not care about the lockless RCU case either. > __mmap_new_vma > vma_set_range // installs new vma in the range > __mmap_complete > vms_complete_munmap_vmas // vmas are write-locked and detached > but it's too late But at this point that old vma really is unhooked, and the vma_write_start() here will ensure readers are gone and it will clear PTEs *again*.