From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 30299E77188 for ; Mon, 30 Dec 2024 18:31:59 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id AAAFE6B00A3; Mon, 30 Dec 2024 13:31:58 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id A32506B00A5; Mon, 30 Dec 2024 13:31:58 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 884F16B00A7; Mon, 30 Dec 2024 13:31:58 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id 62B3C6B00A3 for ; Mon, 30 Dec 2024 13:31:58 -0500 (EST) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 296AB1A08B9 for ; Mon, 30 Dec 2024 18:31:58 +0000 (UTC) X-FDA: 82952467626.27.F50A215 Received: from mail-qv1-f42.google.com (mail-qv1-f42.google.com [209.85.219.42]) by imf04.hostedemail.com (Postfix) with ESMTP id 53FC040014 for ; Mon, 30 Dec 2024 18:31:07 +0000 (UTC) Authentication-Results: imf04.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=GUHHVPcQ; spf=pass (imf04.hostedemail.com: domain of boqun.feng@gmail.com designates 209.85.219.42 as permitted sender) smtp.mailfrom=boqun.feng@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1735583494; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Znj6WT/zByf3CnckeyJOMBKUU1iL6sEgvxq3Qt66pRs=; b=OWTaOCIhGzFQCovojTV8s5halH32Clyut4BUCyvVXRxAMqCpXlwbwk2LYaqb8n4zPqR9e5 u0kT6lr6eHkP4gI+2G8U3Bjq3iv9IoEuz/3q+3TqA9bRfealU3SjKUHGrAVgLsVOyHSygZ hcjxpdTyfWW9ngvEvudshCbiwycIuFs= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1735583494; a=rsa-sha256; cv=none; b=BK1hnxTXBmy9XOaa8l16T9X6BUagJVcNUmRlV/giXEJqYVC7I1+Jdv6U5XPFyJu+Z1BrSq p3XQJkB0oDdIzFypqfPWq0Ng31QosHxefXdyL4unfL5CTyI4qPioVaJ0BuSv0c800DlRVg my/Rl9ASWj12rLAg4UmLTpM5oXjLARk= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=GUHHVPcQ; spf=pass (imf04.hostedemail.com: domain of boqun.feng@gmail.com designates 209.85.219.42 as permitted sender) smtp.mailfrom=boqun.feng@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-qv1-f42.google.com with SMTP id 6a1803df08f44-6d8a3e99e32so75286136d6.2 for ; Mon, 30 Dec 2024 10:31:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1735583515; x=1736188315; darn=kvack.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:feedback-id:from:to:cc:subject:date :message-id:reply-to; bh=Znj6WT/zByf3CnckeyJOMBKUU1iL6sEgvxq3Qt66pRs=; b=GUHHVPcQYOXkdpLUr49/DjaLYUkIB1szhb47h0JyE3gD/RUGiDjML47QSM6cEsSODX SKnqpFrf1/J33HMH5GjGf/qJs8v6dZLvYwpQiNVBRq9hDM4DDbtXz7PZbe5XRoPyMPQR SZrl69LXam5WdYhh7NzsImAaKMM+lyJbjoErnOrp9OtNfeJXbBD5SkSzV+BRgmDoiHGN fBRbYiaTGX+Aw55nAgIBN4++ng7kkVvGk1/uTuGPmtImUlKnd0+I4wlawkevu3Cv6hIl u2NAQc/+5DV0Eh3lIUB/mqQSH/FjBEv1UjB/FxUnbffJTzGp9r8P9pxDtV/PqIfRlqcO 66mA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735583515; x=1736188315; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:feedback-id:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Znj6WT/zByf3CnckeyJOMBKUU1iL6sEgvxq3Qt66pRs=; b=gVeETfVWIMK7YFcGOb0U6t8m+w/B7cmyxhPWwYbF1jfgtm5x1d6Iz+r9m05fNQgc/T 00cudpjTD7VzH/aQuHwQ2+lb8WUAL4qDYbr04yBxmZLdRWhKPvb8ogKX9jIRrvnfn6Sf Ee2ZG3ynyEUNDUh4mT4POjWVr1lYcy5xRJX8LqsiJwQH+xohJ6ldBEDo35aJJQHwaJAY NhPQxOCLIV4FNilRNudr9sO+55cKE9aFYhsAJ1pd2ramOSerbY782HaeGdpKCgSBF5kR kKf+bVuIBF/gzhDCCSK4MZzKVKPzD/7PTSp79oFGw4pJAcFtbH2MYsvl4DULS3VxOFCQ ljUg== X-Forwarded-Encrypted: i=1; AJvYcCWvQiWqHuXRBNUDklPcu28bgneVLQl8vXQ9xfVezZmpq2OvQerasPv1lz7RaXeApqCQPVlN+yrf0g==@kvack.org X-Gm-Message-State: AOJu0YxG7LXsAZWxLLp2S0F6PogtNzCLi0YzJFCtnFtIJ9Y+g5LkSfCp WjWetMezf5RIXYJblZkS2vS7jfa2zF8abVMMFtMKwSdqsHy8KU78 X-Gm-Gg: ASbGncs9wc++ylwjjM8BGrpzEyF7CaqcCEnAQqH6M2jBnKkQBHjI777jTmby15ReP4F 5M1GyEUsxLt22nEz38/oKVcP5wpJ9lke2Yn+97j5ByMUl5Y8yOfTsg0BYKwuq4OBfLLqLI3EcQN Lmzd67JVBVPtx2eBdN3YwyuzwtWr6Db7W22RaHZAy10diSrSH/d3YPtS3upjizAzvnqHjSFz8j8 MOuDelUWRLj3WgINwbcRjNyqABMY+v2c4jCfLpbQTSgHUfM8E9sxhm3t6DkJwqKdccKxR+d9mtC j/YZlkmeLQ5NgMWvKXS0qiX0lZrSMuELuSXzMn/kL164QD0= X-Google-Smtp-Source: AGHT+IFV+eJsoDTMPI/oYrVIh0W6q1HPPNWxrDYkLep2Oqo6fjUmYhr2uqMje9O7RHmyy1nMfSMRhA== X-Received: by 2002:a05:6214:8112:b0:6dd:597e:c471 with SMTP id 6a1803df08f44-6dd597ec9b3mr232721546d6.47.1735583515135; Mon, 30 Dec 2024 10:31:55 -0800 (PST) Received: from fauth-a1-smtp.messagingengine.com (fauth-a1-smtp.messagingengine.com. [103.168.172.200]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd18137367sm104696626d6.65.2024.12.30.10.31.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 30 Dec 2024 10:31:54 -0800 (PST) Received: from phl-compute-02.internal (phl-compute-02.phl.internal [10.202.2.42]) by mailfauth.phl.internal (Postfix) with ESMTP id 7B258120006E; Mon, 30 Dec 2024 13:31:54 -0500 (EST) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-02.internal (MEProxy); Mon, 30 Dec 2024 13:31:54 -0500 X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddruddviedguddugecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdp uffrtefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivg hnthhsucdlqddutddtmdenucfjughrpeffhffvvefukfhfgggtuggjsehttdertddttddv necuhfhrohhmpeeuohhquhhnucfhvghnghcuoegsohhquhhnrdhfvghnghesghhmrghilh drtghomheqnecuggftrfgrthhtvghrnhephedugfduffffteeutddvheeuveelvdfhleel ieevtdeguefhgeeuveeiudffiedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrg hmpehmrghilhhfrhhomhepsghoqhhunhdomhgvshhmthhprghuthhhphgvrhhsohhnrghl ihhthidqieelvdeghedtieegqddujeejkeehheehvddqsghoqhhunhdrfhgvnhhgpeepgh hmrghilhdrtghomhesfhhigihmvgdrnhgrmhgvpdhnsggprhgtphhtthhopeelpdhmohgu vgepshhmthhpohhuthdprhgtphhtthhopehsuhhrvghnsgesghhoohhglhgvrdgtohhmpd hrtghpthhtohephhgurghnthhonhesshhinhgrrdgtohhmpdhrtghpthhtohepshihiigs ohhtodduudejtddukeefkeguugegvdegvdekrggsjegsfeesshihiihkrghllhgvrhdrrg hpphhsphhothhmrghilhdrtghomhdprhgtphhtthhopehpvghnghhuihhnqdhkvghrnhgv lhesihdqlhhovhgvrdhsrghkuhhrrgdrnhgvrdhjphdprhgtphhtthhopegvughumhgrii gvthesghhoohhglhgvrdgtohhmpdhrtghpthhtoheplhhinhhugidqkhgvrhhnvghlsehv ghgvrhdrkhgvrhhnvghlrdhorhhgpdhrtghpthhtoheplhhinhhugidqmhhmsehkvhgrtg hkrdhorhhgpdhrtghpthhtohepshihiihkrghllhgvrhdqsghughhssehgohhoghhlvghg rhhouhhpshdrtghomhdprhgtphhtthhopegsohhquhhnsehfihigmhgvrdhnrghmvg X-ME-Proxy: Feedback-ID: iad51458e:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 30 Dec 2024 13:31:53 -0500 (EST) Date: Mon, 30 Dec 2024 10:31:22 -0800 From: Boqun Feng To: Suren Baghdasaryan Cc: Hillf Danton , syzbot , Tetsuo Handa , edumazet@google.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com Subject: Re: [syzbot] [net?] possible deadlock in vm_insert_page Message-ID: References: <676ea4aa.050a0220.2f3838.0483.GAE@google.com> <20241228001926.517-1-hdanton@sina.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: 53FC040014 X-Stat-Signature: 8y7cyo74emxtbpe5z3chidg5bmrmgbqp X-Rspam-User: X-HE-Tag: 1735583467-247611 X-HE-Meta: U2FsdGVkX1/N0fiYIhR90Aoh/mKS7YhMUYU0Hqkmb5CcSrhDyFUTq9+lt0tiwATBTbumbqb0picY3O8iauhPGz/8A0LvIcTiQbKyvXYmkoWXKVSsund3kwGUQqeQs5WerQQVB59msuYEFgFlfjz+7LarDFOxiP6hekDCw1jo+2HNaskjg5Tf+NIJDELzhgmy+DPuw2JolnfmJ7VowSdQfSLl5AhqohOaUEFlx2+5OS0FojhE+GldDXGwgSwaUKcvATIe5WtEs6kE3/99ZprG+RU5zJAnvqUboooT6eJlYtTUuaMrraXAos0KwiSTjnkSDr5ckZbT1MdU/Vr5KTV6Gv891IZ1bNVN2SIODo9AoaLh7uTSwlU18q5GOwmVvBiX1bd4OhzgkF86fGab8+Ioj8hp8ulV97tCgwDAgnH6VONVwyweYyUOWFJu4EGh3YefZc0RE+xGt9hJAsSTvkFejH/9l7uia5Bvy/AS5N/iv4ztS/UZ3uq35ltRFxXLg3hSRzXgv7so57AurNHf71oBND76OxnX/sewJg7XplF+P9JKL1R8ZpHKIfA0qMtAILAqSzISlhha4K3qWIv73s5YWuR2mSl0sJZnWD+aw1DyVWuPJbgtN2l8jCt9vZZ91B+r14SzQLC2tLH0VYpHlh4fw4PP7NN2OoUGEhewdA7uhRqHAmKUIutON45Ua+zjSv5XQlhaFt1194HgrO1V2K4yJd11VDYlILV/vMsvn0IHZGZwY77uRBBlsn8lZeYfv3Kznmf91QTrwMjU8E8/r/MwqKjjM8L73i4EnyKXNMhXUnw/6XLDIo7HZEGfaJPZmSL1ntRzBn4+9W+HKwG0VEHHdNQxhOx5w/0UEuM+0mNIeiO97g9x8RR3uEthjsmI5H89kn3dbBYQzOFewZoyGpohp0KFqHBtlh59xPM5b3aZn1UlIuQHF5UITVisOScmeO84KwADN5kG3VLV9yqostm uqUhPDRd SyqYfDXfZcXIhq0ZA1wpSaXn55j1chnGLA4Hx2FeFQpbha0sBItAHp5IudAK/1F7uueF9w/xiZ80l3wp1bu9lqvK1fM/gJguw3H6kKPWXIMVYZnPwUom8yLZApNhxzrcn7C4UYvFoZUaczq52jXyQCHRY1sHQmeiypeoFqSJV3nuMdp95KolfemF4UVJtlneOsRvYUdxD0UehDxmm76UHsOxuITrO1x0P6PsxeGgUrw276bZ8VNiEqxM+6rNcqPyAwBnvqOp0CPo2+Zr8Q1ElwBPgltDqS57GG26X4X2G8DZfI4pHL2RnflwPJQFh8WbRGNufJvl1BNl9AFQS1qHPCjNYoRcCUju4mVKPDKjg2vnYXpqaL6UDqWuYA3JASRPxtDfPqIc4dHraDPTNMe6mwSCsOj9HCZRPrBca+OkHYywmPeIkC+sGZHTT5PSSk7PLnjzel0gYnqC1G/gFqyKaXK7XhJ095XqjnC+abltV5q5+gqRWCoX/gvp7aZAKrdsMlfS19XGjF4F/7dFzgIszPCei+9oC8DTeIukOozZkPyDkcUNnCvaBd5RB3p1obEdHMywG6h6L7C6LzBxTTEy/1YWpQQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000001, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, Dec 30, 2024 at 10:22:27AM -0800, Suren Baghdasaryan wrote: [...] > > > > > > > > Also a quick look seems to suggest that the lock dependency on CPU 1: > > > > > > > > lock(&vma->vm_lock->lock); > > > > lock(sb_pagefaults#4); > > > > > > > > can happen in a page fault with a reader of &vma->vm_lock->lock. > > > > > > The report clearly indicates a call to vma_start_write(), which means > > > vm_lock is being write-locked, not read-locked. That's why I commented > > > that the report does not consider that mmap_write_lock is already > > > taken when vma_start_write() is called. > > > > > > > > > > > do_page_fault(): > > > > lock_vma_under_rcu(): > > > > vma_start_read(): > > > > down_read_trylock(); // read lock &vma->vm_lock_lock here. > > > > ... > > > > handle_mm_fault(): > > > > sb_start_pagefault(); // lock(sb_pagefaults#4); > > > > > > > > if so, an existing reader can block the other writer, so I don't think > > > > the mmap_lock write protection can help here. > > > > > > In your example vma->vm_lock would be read-locked before > > > po->pg_vec_lock but in the report po->pg_vec_lock is locked before > > > vma->vm_lock->lock. I don't think what is reported here is the > > > do_page_fault() path. > > > > > > > You're missing the point, in the report, the current stack is indeed in > > a write path (i.e. &mm->mmap_lock first and then &vma->vm_lock->lock), > > however that's only part of the picture. The deadlock > > possibility is due to that there could be a concurrent do_page_fault() > > which will hold &vma->vm_lock->lock first and wait for another lock that > > eventually has a dependency on a &mm->mmap_lock. > > I need to see a more concrete example. > Note that do_page_fault() does not even read-lock the mmap_lock when > it uses vma->vm_lock, that's the whole point of per-vma locks that we > avoid using mmap_lock. So, even if it later waits on some other lock > that has mm->mmap_lock dependency, that should not block it. > Again, you might be right and there might be a lockdep issue but I > need a more specific example to see if it's real. > Understood. I clearly don't have the whole set of knowledge/skills to make the call ;-) I just tried my best to figure out what lockdep thought in this case (see the other email), it's quite fun to hunt down a "deadlock" possiblity involing 11 locks. Right now, I'm leaning torwards that this is 80% a false positive because one of the dependency was built during initcall, so it may not happen in real code, but I need to defer that to drm folks. Regards, Boqun > > > > Regards, > > Boqun > > [...]