From: Suren Baghdasaryan
Date: Tue, 4 Jul 2023 00:45:39 -0700
Subject: Re: Fwd: Memory corruption in multithreaded user space program while calling fork
To: Greg KH
Cc: Linux regressions mailing list, Bagas Sanjaya, Andrew Morton, Jacob Young, Laurent Dufour, Linux Kernel Mailing List, Linux Memory Management, Linux PowerPC, Linux ARM

On Mon, Jul 3, 2023 at 11:44 AM Greg KH wrote:
>
> On Mon, Jul 03, 2023 at 11:27:19AM -0700, Suren Baghdasaryan wrote:
> > On Mon, Jul 3, 2023 at 11:08 AM Suren Baghdasaryan wrote:
> > >
> > > On Mon, Jul 3, 2023 at 2:53 AM Linux regression tracking (Thorsten
> > > Leemhuis) wrote:
> > > >
> > > > On 02.07.23 14:27, Bagas Sanjaya wrote:
> > > > > I notice a regression report on Bugzilla [1]. Quoting from it:
> > > > >
> > > > >> After upgrading to kernel version 6.4.0 from 6.3.9, I noticed frequent but random crashes in a user space program. After a lot of reduction, I have come up with the following reproducer program:
> > > > > [...]
> > > > >> After tuning the various parameters for my computer, exit code 2, which indicates that memory corruption was detected, occurs approximately 99% of the time. Exit code 1, which occurs approximately 1% of the time, means it ran out of statically-allocated memory before reproducing the issue, and increasing the memory usage any more only leads to diminishing returns. There is also something like a 0.1% chance that it segfaults due to memory corruption elsewhere than in the statically-allocated buffer.
> > > > >>
> > > > >> With this reproducer in hand, I was able to perform the following bisection:
> > > > > [...]
> > > > >
> > > > > See Bugzilla for the full thread.
> > > >
> > > > Additional details from
> > > > https://bugzilla.kernel.org/show_bug.cgi?id=217624#c5 :
> > > >
> > > > ```
> > > > I can confirm that v6.4 with 0bff0aaea03e2a3ed6bfa302155cca8a432a1829
> > > > reverted no longer causes any memory corruption with either my
> > > > reproducer or the original program.
> > > > ```
> > > >
> > > > FWIW: 0bff0aaea03 ("x86/mm: try VMA lock-based page fault handling
> > > > first") [merged for v6.4-rc1, authored by Suren Baghdasaryan [already CCed]]
> > > >
> > > > That's the same commit that causes build problems with go:
> > > >
> > > > https://lore.kernel.org/all/dbdef34c-3a07-5951-e1ae-e9c6e3cdf51b@kernel.org/
> > >
> > > Thanks! I'll investigate this later today. After discussing with
> > > Andrew, we would like to disable CONFIG_PER_VMA_LOCK by default until
> > > the issue is fixed. I'll post a patch shortly.
> >
> > Posted at: https://lore.kernel.org/all/20230703182150.2193578-1-surenb@google.com/
>
> As that change fixes something in 6.4, why not cc: stable on it as well?

Sorry, I thought since per-VMA locks were introduced in 6.4 and this
patch is fixing 6.4 I didn't need to send it to stable for older
versions. Did I miss something?
Thanks,
Suren.

>
> thanks,
>
> greg k-h