From: Suren Baghdasaryan <surenb@google.com>
To: "Liam R. Howlett" <Liam.Howlett@oracle.com>,
	Suren Baghdasaryan <surenb@google.com>,
	 Matthew Wilcox <willy@infradead.org>,
	Vlastimil Babka <vbabka@suse.cz>,
	akpm@linux-foundation.org,  lorenzo.stoakes@oracle.com,
	mhocko@suse.com, hannes@cmpxchg.org,  mjguzik@gmail.com,
	oliver.sang@intel.com, mgorman@techsingularity.net,
	 david@redhat.com, peterx@redhat.com, oleg@redhat.com,
	dave@stgolabs.net,  paulmck@kernel.org, brauner@kernel.org,
	dhowells@redhat.com, hdanton@sina.com,  hughd@google.com,
	minchan@google.com, jannh@google.com,  shakeel.butt@linux.dev,
	souravpanda@google.com, pasha.tatashin@soleen.com,
	 linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	kernel-team@android.com
Subject: Re: [PATCH v2 4/5] mm: make vma cache SLAB_TYPESAFE_BY_RCU
Date: Wed, 13 Nov 2024 11:05:36 -0800
Message-ID: <CAJuCfpFd1-hH=gmzyosZiebp8X=F9h-jTt1dXiMpZovsL8O=rQ@mail.gmail.com>
In-Reply-To: <CAJuCfpF_fEVwyDAStueNoEW=MNS5MoLPc1RaQMaOHZxODmw_0A@mail.gmail.com>

On Wed, Nov 13, 2024 at 7:47 AM Suren Baghdasaryan <surenb@google.com> wrote:
>
> On Wed, Nov 13, 2024 at 7:29 AM Liam R. Howlett <Liam.Howlett@oracle.com> wrote:
> >
> > * Suren Baghdasaryan <surenb@google.com> [241113 10:25]:
> > > On Wed, Nov 13, 2024 at 7:23 AM 'Liam R. Howlett' via kernel-team
> > > <kernel-team@android.com> wrote:
> > > >
> > > > * Matthew Wilcox <willy@infradead.org> [241113 08:57]:
> > > > > On Wed, Nov 13, 2024 at 07:38:02AM -0500, Liam R. Howlett wrote:
> > > > > > > Hi, I was wondering if we actually need the detached flag. Couldn't
> > > > > > > "detached" simply mean vma->vm_mm == NULL and we save 4 bytes? Do we ever
> > > > > > > need a vma that's detached but still has a mm pointer? I'd hope the places
> > > > > > > that set detached to false have the mm pointer around so it's not inconvenient.
> > > > > >
> > > > > > I think the gate vmas ruin this plan.
> > > > >
> > > > > But the gate VMAs aren't to be found in the VMA tree.  Used to be that
> > > > > was because the VMA tree was the injective RB tree and so VMAs could
> > > > > only be in one tree at a time.  We could change that now!
> > > >
> > > > \o/
> > > >
> > > > >
> > > > > Anyway, we could use (void *)1 instead of NULL to indicate a "detached"
> > > > > VMA if we need to distinguish between a detached VMA and a gate VMA.
> > > >
> > > > I was thinking a pointer to itself vma->vm_mm = vma, then a check for
> > > > this, instead of null like we do today.
> > >
> > > The motivation for having a separate detached flag was that vma->vm_mm
> > > is used when read/write locking the vma, so it has to stay valid even
> > > when vma gets detached. Maybe we can be more cautious in
> > > vma_start_read()/vma_start_write() about it but I don't recall if
> > > those were the only places where that was an issue.
> >
> > We have the mm from the callers though, so it could be passed in?
>
> Let me try and see if something else blows up. When I was implementing
> per-vma locks I thought about using vma->vm_mm to indicate detached
> state but there were some issues that caused me to reconsider.

Yeah, a quick change reveals the first mine explosion:

[    2.838900] BUG: kernel NULL pointer dereference, address: 0000000000000480
[    2.840671] #PF: supervisor read access in kernel mode
[    2.841958] #PF: error_code(0x0000) - not-present page
[    2.843248] PGD 800000010835a067 P4D 800000010835a067 PUD 10835b067 PMD 0
[    2.844920] Oops: Oops: 0000 [#1] PREEMPT SMP PTI
[    2.846078] CPU: 2 UID: 0 PID: 1 Comm: init Not tainted 6.12.0-rc6-00258-ga587fcd91b06-dirty #111
[    2.848277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[    2.850673] RIP: 0010:unmap_vmas+0x84/0x190
[    2.851717] Code: 00 00 00 00 48 c7 44 24 48 00 00 00 00 48 c7 44 24 18 00 00 00 00 48 89 44 24 28 4c 89 44 24 38 e8 b1 c0 d1 00 48 8b 44 24 28 <48> 83 b8 80 04 00 00 00 0f 85 dd 00 00 00 45 0f b6 ed 49 83 ec 01
[    2.856287] RSP: 0000:ffffa298c0017a18 EFLAGS: 00010246
[    2.857599] RAX: 0000000000000000 RBX: 00007f48ccbb4000 RCX: 00007f48ccbb4000
[    2.859382] RDX: ffff8918c26401e0 RSI: ffffa298c0017b98 RDI: ffffa298c0017ab0
[    2.861156] RBP: 00007f48ccdb6000 R08: 00007f48ccdb6000 R09: 0000000000000001
[    2.862941] R10: 0000000000000040 R11: ffff8918c2637108 R12: 0000000000000001
[    2.864719] R13: 0000000000000001 R14: ffff8918c26401e0 R15: ffffa298c0017b98
[    2.866472] FS:  0000000000000000(0000) GS:ffff8927bf080000(0000) knlGS:0000000000000000
[    2.868439] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    2.869877] CR2: 0000000000000480 CR3: 000000010263e000 CR4: 0000000000750ef0
[    2.871661] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[    2.873419] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[    2.875185] PKRU: 55555554
[    2.875871] Call Trace:
[    2.876503]  <TASK>
[    2.877047]  ? __die+0x1e/0x60
[    2.877824]  ? page_fault_oops+0x17b/0x4a0
[    2.878857]  ? exc_page_fault+0x6b/0x150
[    2.879841]  ? asm_exc_page_fault+0x26/0x30
[    2.880886]  ? unmap_vmas+0x84/0x190
[    2.881783]  ? unmap_vmas+0x7f/0x190
[    2.882680]  vms_clear_ptes+0x106/0x160
[    2.883621]  vms_complete_munmap_vmas+0x53/0x170
[    2.884762]  do_vmi_align_munmap+0x15e/0x1d0
[    2.885838]  do_vmi_munmap+0xcb/0x160
[    2.886760]  __vm_munmap+0xa4/0x150
[    2.887637]  elf_load+0x1c4/0x250
[    2.888473]  load_elf_binary+0xabb/0x1680
[    2.889476]  ? __kernel_read+0x111/0x320
[    2.890458]  ? load_misc_binary+0x1bc/0x2c0
[    2.891510]  bprm_execve+0x23e/0x5e0
[    2.892408]  kernel_execve+0xf3/0x140
[    2.893331]  ? __pfx_kernel_init+0x10/0x10
[    2.894356]  kernel_init+0xe5/0x1c0
[    2.895241]  ret_from_fork+0x2c/0x50
[    2.896141]  ? __pfx_kernel_init+0x10/0x10
[    2.897164]  ret_from_fork_asm+0x1a/0x30
[    2.898148]  </TASK>

Looks like we are detaching VMAs and then unmapping them, where
vms_clear_ptes() uses vms->vma->vm_mm. I'll try to clean up this and
other paths and will see how many changes are required to make this
work.

>
> >
> > >
> > > >
> > > > Either way, we should make it a function so it's easier to reuse for
> > > > whatever we need in the future, wdyt?
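To make the trade-off in the thread concrete, here is an added userspace model (not code from the thread or from the kernel; all names are hypothetical stand-ins): a vma whose vm_mm is the real mm when attached, NULL for a gate vma, and a self-pointer when detached, so the three states stay distinguishable without a separate flag. The cost, which the oops above illustrates, is that anything running after detaching (unmap, write-locking) can no longer read vma->vm_mm and must be handed the mm by its caller.

```c
/* Added example, not from the thread or the kernel: a userspace model of
 * the "detached" encodings under discussion. All names are hypothetical. */
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

struct mm_struct { unsigned long seq; };    /* stand-in for the real mm */

struct vma {
    void *vm_mm;            /* real mm, NULL for a gate vma, or the vma itself when detached */
    unsigned long lock_seq; /* stand-in for the per-vma lock sequence */
};

/* Three states, distinguishable without a separate detached flag. */
static bool vma_is_gate(const struct vma *v)     { return v->vm_mm == NULL; }
static bool vma_is_detached(const struct vma *v) { return v->vm_mm == (const void *)v; }
static struct mm_struct *vma_mm(const struct vma *v)
{
    return (vma_is_gate(v) || vma_is_detached(v)) ? NULL : (struct mm_struct *)v->vm_mm;
}
static void vma_mark_detached(struct vma *v)                     { v->vm_mm = v; }
static void vma_mark_attached(struct vma *v, struct mm_struct *mm) { v->vm_mm = mm; }

/* Consumers that run after detaching (the unmap path in the trace, or the
 * write-lock path) cannot read vma->vm_mm any more; the caller passes mm. */
static int vma_start_write(struct mm_struct *mm, struct vma *v)
{
    if (!mm)
        return -1;            /* would have been a NULL deref via vma->vm_mm */
    v->lock_seq = mm->seq;    /* model of "record the mm's lock sequence" */
    return 0;
}
static int clear_ptes(struct mm_struct *mm, struct vma *v)
{
    if (!mm)
        return -1;            /* the NULL deref from the trace, made explicit */
    (void)v;
    mm->seq++;                /* stand-in for page-table work done on mm */
    return 0;
}

int main(void)
{
    struct mm_struct mm = { .seq = 1 };
    struct vma v = { 0 };
    vma_mark_attached(&v, &mm);
    vma_mark_detached(&v);
    printf("detached=%d mm_from_vma=%p\n", vma_is_detached(&v), (void *)vma_mm(&v));
    printf("clear_ptes with caller-supplied mm: %d\n", clear_ptes(&mm, &v));
    return 0;
}
```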

