From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id A0F95EB64DC for ; Mon, 3 Jul 2023 09:53:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 336F58E00BB; Mon, 3 Jul 2023 05:53:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 2E6AA8E00BA; Mon, 3 Jul 2023 05:53:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 1D6298E00BB; Mon, 3 Jul 2023 05:53:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 0F84C8E00BA for ; Mon, 3 Jul 2023 05:53:12 -0400 (EDT) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id 7FC8B1C7D23 for ; Mon, 3 Jul 2023 09:53:11 +0000 (UTC) X-FDA: 80969837382.19.EEC60F5 Received: from wp530.webpack.hosteurope.de (wp530.webpack.hosteurope.de [80.237.130.52]) by imf16.hostedemail.com (Postfix) with ESMTP id 721EE180014 for ; Mon, 3 Jul 2023 09:53:09 +0000 (UTC) Authentication-Results: imf16.hostedemail.com; dkim=none; spf=pass (imf16.hostedemail.com: domain of regressions@leemhuis.info designates 80.237.130.52 as permitted sender) smtp.mailfrom=regressions@leemhuis.info; dmarc=none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1688377989; h=from:from:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3r0bC080Ke+pvy/rsXaj3CNZBwDvXsBMY2oo5NnmiPU=; b=GRfDdLIHEbPuHqk8eIDqa3yTn9SJuCDUiObqxrRznLsSgnEjZWWiYeEJjtcPCBTUukodw6 sIMyNcDeN/R5KXgFYEkqfyN0W6xC1E9Xc+vEM5+hga5BOOBS/N+wrLQyGCfwxv7Qu22+E2 acI0KVvd8FUUe2hd5UJ+0vHyehUHn2g= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1688377989; a=rsa-sha256; cv=none; b=IFC8KrUYIDjO9DzTZyM9D5DtAhuaDwkywSWpxXuWtxy96YNpPFvaVmyVP6m1toczAOd/8R 8+6l/RJBXJWMisl7g8imxzvcmdVRO6ACz1T1d83zqC2xJs9RJufLHulP3fJFbTHTEt1hKr O3TCeWvCmyXSMDaV6CYrOaZsuHoil3M= ARC-Authentication-Results: i=1; imf16.hostedemail.com; dkim=none; spf=pass (imf16.hostedemail.com: domain of regressions@leemhuis.info designates 80.237.130.52 as permitted sender) smtp.mailfrom=regressions@leemhuis.info; dmarc=none Received: from [2a02:8108:8980:2478:8cde:aa2c:f324:937e]; authenticated by wp530.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) id 1qGGF0-0001X4-1P; Mon, 03 Jul 2023 11:53:06 +0200 Message-ID: <5c7455db-4ed8-b54f-e2d5-d2811908123d@leemhuis.info> Date: Mon, 3 Jul 2023 11:53:05 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0 Subject: Re: Fwd: Memory corruption in multithreaded user space program while calling fork Content-Language: en-US, de-DE To: Bagas Sanjaya , Suren Baghdasaryan , Andrew Morton , Jacob Young , Laurent Dufour Cc: Linux Kernel Mailing List , Linux Regressions , Linux Memory Management , Linux PowerPC , Linux ARM References: From: "Linux regression tracking (Thorsten Leemhuis)" Reply-To: Linux regressions mailing list In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-bounce-key: webpack.hosteurope.de;regressions@leemhuis.info;1688377989;e0272b10; X-HE-SMSGID: 1qGGF0-0001X4-1P X-Rspamd-Queue-Id: 721EE180014 X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: j7xqjcph47zbu78gywnzjygmbp8auuqa X-HE-Tag: 1688377989-3282 X-HE-Meta: U2FsdGVkX18tC4TGUzvpRazeXOY5gLOG5Cv1cvAzuDeySALwflSUWrp4w0mcO+PDNUlw1uuOcmW1C9hfhrHGuMBXZ5cK5IZmr6DlS2BFfGHSwrZX8M7AvNtYbZNsKamaif1FLIVXC0wCyvFkvzhTBCzJAbS99E6LhcE+q6aAhuFCVGK+lu51eDEB7VppwWcEb3CUkEyKqqnkAev5hPfpIAaB7H1qU4dA5RHKgFl3zo4211AVUa5NxcgQ0rxbYNjOjulLoOEGfzoCk08GmMK1mfd4hd+P0g5aYa+j+4Zq4s2ZazdUxHAV1lKug2SD3/C0JalbSza4U0+um95o1X456XcwkMY7YIDlmwUSEWJZOlP6+KiVpkfOaPuuNsVj7JdLwB720VXZeYNmKrSI56eJyGgMle1CewJhMj+b7o7qAM1+nR0+U4HY6LnrZzNMB4puOK02i1CA5jFtycNnVlo1O/Yx1oRPWINQ6cG0G59J7XWlYEU17IOBT+5zbDC4lx2bskGJin1EWTLxmGWqN31Iz7SQVwgBAsKiLglZP7z2QiSBW4Z9emC+bsysFtjEyubrHDdWbRKASMjh37h8gmuSlkyISLeJyTkVLOWaXwkfuZNmyrYv/ECPPO1vP02DX96Jcg95TRBl8x8hGZWubO82aNtVXjWvsJa6aM6oo01I7Hhg7XhYpExuM7SprxY++wP+eP+6RPXjvPW248JMLh/46uLUUoOEh0rk5yyT5PNUVBV6XILubp7INWxY9ogcyFlRdz9dwQBCZn9PvRJhrdFHpFofnvlE6cCdWdSiYmE4oCiEiaG3JV3SDTtWbCYxnvKjIduzC65uWvi5win1gAzFs9zZnCUY8UI4jzcqAbzT6iaFKuN0H3mnyHGcllmpyM3yBHOsWAUS/wX+x1QVuWfc22r1C4nHSYUFrsRzjo3EJ/LdpwpKI9Gda0/EXe0EHb/SbFJ2ntG/F5d3zRg/Hei yd4nd7gb zdIP4nnVNT0f2vp3nUx/YdMvoKA65XrklZOREKRV0obEwxo7dS193V3D2eI5cqBRrHGwUpTqUulnAGYHEGN3YPjISbW6ny/qOccpwg4JPIXymG2rk5fPjOPyKwABh3kkfKFFlpTNer+lnoHyGn5n9iBFMwDvNQLSZ+h5zFdoT4/Y/WR5o3f2cHUSnMFtXLcZPy6LgRq5GH+6n1jccB67BbF5BTMEoCyALZGta1v0BOOMmgTio6l8MdIKhI+9RglKe1fjwfRFsNKIW7JYPBCHF+4QDyn/tEDjnPlR40764GGNhzqUBGyWT/AcROvOj07pgpZjcPOGOe4ze8EjFaSpWidW15JsVFvgvYrDZIlD2ZTdmLKBdbSnSa0Cdu5fgc/3ieNQ2VQS5iRjrx/P05vEmxN2OHHfrVxAlHpsSoP2IFkIdsuy1Q0xrVLqwuV2jiwqsdW1kh3b8eHKIPIdYEvvMkXLD30bBUonybXHA X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 02.07.23 14:27, Bagas Sanjaya wrote: > I notice a regression report on Bugzilla [1]. Quoting from it: > >> After upgrading to kernel version 6.4.0 from 6.3.9, I noticed frequent but random crashes in a user space program. After a lot of reduction, I have come up with the following reproducer program: > [...] >> After tuning the various parameters for my computer, exit code 2, which indicates that memory corruption was detected, occurs approximately 99% of the time. Exit code 1, which occurs approximately 1% of the time, means it ran out of statically-allocated memory before reproducing the issue, and increasing the memory usage any more only leads to diminishing returns. There is also something like a 0.1% chance that it segfaults due to memory corruption elsewhere than in the statically-allocated buffer. >> >> With this reproducer in hand, I was able to perform the following bisection: > [...] > > See Bugzilla for the full thread. Additional details from https://bugzilla.kernel.org/show_bug.cgi?id=217624#c5 : ``` I can confirm that v6.4 with 0bff0aaea03e2a3ed6bfa302155cca8a432a1829 reverted no longer causes any memory corruption with either my reproducer or the original program. ``` FWIW: 0bff0aaea03 ("x86/mm: try VMA lock-based page fault handling first") [merged for v6.4-rc1, authored by Suren Baghdasaryan [already CCed]] That's the same commit that causes build problems with go: https://lore.kernel.org/all/dbdef34c-3a07-5951-e1ae-e9c6e3cdf51b@kernel.org/ Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat) -- Everything you wanna know about Linux kernel regression tracking: https://linux-regtracking.leemhuis.info/about/#tldr If I did something stupid, please tell me, as explained on that page. #regzbot introduced: 0bff0aaea03e2a3