From: Lance Yang <lance.yang@linux.dev>
To: Dave Hansen <dave.hansen@intel.com>,
"David Hildenbrand (Arm)" <david@kernel.org>,
Peter Zijlstra <peterz@infradead.org>
Cc: Liam.Howlett@oracle.com, akpm@linux-foundation.org,
aneesh.kumar@kernel.org, arnd@arndb.de, baohua@kernel.org,
baolin.wang@linux.alibaba.com, boris.ostrovsky@oracle.com,
bp@alien8.de, dave.hansen@linux.intel.com, dev.jain@arm.com,
hpa@zytor.com, hughd@google.com, ioworker0@gmail.com,
jannh@google.com, jgross@suse.com, kvm@vger.kernel.org,
linux-arch@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, lorenzo.stoakes@oracle.com, mingo@redhat.com,
npache@redhat.com, npiggin@gmail.com, pbonzini@redhat.com,
riel@surriel.com, ryan.roberts@arm.com, seanjc@google.com,
shy828301@gmail.com, tglx@linutronix.de,
virtualization@lists.linux.dev, will@kernel.org, x86@kernel.org,
ypodemsk@redhat.com, ziy@nvidia.com
Subject: Re: [PATCH v4 0/3] targeted TLB sync IPIs for lockless page table
Date: Fri, 6 Feb 2026 00:30:56 +0800 [thread overview]
Message-ID: <99237729-f2b0-4a7a-8213-65a2f1c57744@linux.dev> (raw)
In-Reply-To: <647cbe2e-a034-4a75-9492-21ea1708eccc@intel.com>
On 2026/2/5 23:41, Dave Hansen wrote:
> On 2/5/26 07:31, Lance Yang wrote:
>> On 2026/2/5 23:09, Dave Hansen wrote:
>>> On 2/5/26 07:01, Lance Yang wrote:
>>>> So for now, neither approach looks good: tracking on the read side adss
>>>> cost to GUP-fast, and syncing on the write side e.g. synchronize_rcu()
>>>> is too slow on large systems.
>>>
>>> Which of the writers truly *need* synchronize_rcu()?
>>>
>>> What are they doing with the memory that they can't move forward unless
>>> it's quiescent *now*?
>>
>> Without IPIs or synchronize_rcu(), IIUC, we have no way to know if there
>> are ongoing concurrent lockless page-table walks — the walkers just disable
>> IRQs and walk.
>
> Yeah, but one aim of RCU is ensuring that readers see valid data but not
> necessarily the most up to date data.
>
> Are there cases where ongoing concurrent lockless page-table walks need
> to see the writes and they can't tolerate seeing valid but slightly
> stale data?
The issue is we're about to free the page table (e.g.
pmdp_collapse_flush()).
We have to ensure no walker is still doing a lockless page-table walk
when the page directories are freed, otherwise we get use-after-free.
> Don't forget that we also have pesky concurrent lockless page-table
> walkers called CPUs. They're extra pesky in that they don't even stop
> for IPIs. ;)
I assume those walkers that don't disable IRQs only read the PMD and
don't walk into the table; otherwise the current sync wouldn't work
for them.
Thanks,
Lance
next prev parent reply other threads:[~2026-02-05 16:31 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-02 7:45 [PATCH v4 0/3] targeted TLB sync IPIs for lockless page table walkers Lance Yang
2026-02-02 7:45 ` [PATCH v4 1/3] mm: use targeted IPIs for TLB sync with " Lance Yang
2026-02-02 9:42 ` Peter Zijlstra
2026-02-02 12:14 ` Lance Yang
2026-02-02 12:51 ` Peter Zijlstra
2026-02-02 13:23 ` Lance Yang
2026-02-02 13:42 ` Peter Zijlstra
2026-02-02 14:28 ` Lance Yang
2026-02-02 16:20 ` Dave Hansen
2026-02-02 7:45 ` [PATCH v4 2/3] mm: switch callers to tlb_remove_table_sync_mm() Lance Yang
2026-02-02 7:45 ` [PATCH v4 3/3] x86/tlb: add architecture-specific TLB IPI optimization support Lance Yang
2026-02-02 9:54 ` [PATCH v4 0/3] targeted TLB sync IPIs for lockless page table walkers Peter Zijlstra
2026-02-02 11:00 ` [PATCH v4 0/3] targeted TLB sync IPIs for lockless page table Lance Yang
2026-02-02 12:50 ` Peter Zijlstra
2026-02-02 12:58 ` Lance Yang
2026-02-02 13:07 ` Lance Yang
2026-02-02 13:37 ` Peter Zijlstra
2026-02-02 14:37 ` Lance Yang
2026-02-02 15:09 ` Peter Zijlstra
2026-02-02 15:52 ` Lance Yang
2026-02-05 13:25 ` David Hildenbrand (Arm)
2026-02-05 15:01 ` Lance Yang
2026-02-05 15:05 ` David Hildenbrand (Arm)
2026-02-05 15:28 ` Lance Yang
2026-02-05 15:09 ` Dave Hansen
2026-02-05 15:31 ` Lance Yang
2026-02-05 15:41 ` Dave Hansen
2026-02-05 16:30 ` Lance Yang [this message]
2026-02-05 16:46 ` David Hildenbrand (Arm)
2026-02-05 16:48 ` Matthew Wilcox
2026-02-05 17:06 ` David Hildenbrand (Arm)
2026-02-05 18:36 ` Dave Hansen
2026-02-05 22:49 ` David Hildenbrand (Arm)
2026-02-05 21:30 ` David Hildenbrand (Arm)
2026-02-05 17:00 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=99237729-f2b0-4a7a-8213-65a2f1c57744@linux.dev \
--to=lance.yang@linux.dev \
--cc=Liam.Howlett@oracle.com \
--cc=akpm@linux-foundation.org \
--cc=aneesh.kumar@kernel.org \
--cc=arnd@arndb.de \
--cc=baohua@kernel.org \
--cc=baolin.wang@linux.alibaba.com \
--cc=boris.ostrovsky@oracle.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=david@kernel.org \
--cc=dev.jain@arm.com \
--cc=hpa@zytor.com \
--cc=hughd@google.com \
--cc=ioworker0@gmail.com \
--cc=jannh@google.com \
--cc=jgross@suse.com \
--cc=kvm@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=mingo@redhat.com \
--cc=npache@redhat.com \
--cc=npiggin@gmail.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=riel@surriel.com \
--cc=ryan.roberts@arm.com \
--cc=seanjc@google.com \
--cc=shy828301@gmail.com \
--cc=tglx@linutronix.de \
--cc=virtualization@lists.linux.dev \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=ypodemsk@redhat.com \
--cc=ziy@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox