From: Linus Torvalds <torvalds@linux-foundation.org>
To: Nick Piggin <npiggin@suse.de>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>,
Hugh Dickins <hugh@veritas.com>,
Linux Memory Management List <linux-mm@kvack.org>
Subject: Re: [patch] mm: fix anon_vma races
Date: Fri, 17 Oct 2008 19:11:38 -0700 (PDT) [thread overview]
Message-ID: <alpine.LFD.2.00.0810171846180.3438@nehalem.linux-foundation.org> (raw)
In-Reply-To: <20081018013258.GA3595@wotan.suse.de>
On Sat, 18 Oct 2008, Nick Piggin wrote:
> >
> > Side note: it would be nicer if we had a "spin_lock_init_locked()", so
> > that we could avoid the more expensive "true lock" when doing the initial
> > allocation, but we don't. That said, the case of having to allocate a new
> > anon_vma _should_ be the rare one.
>
> We can't do that, unfortuantely, because anon_vmas are allocated with
> SLAB_DESTROY_BY_RCU.
Aughh. I see what you're saying. We don't _free_ them by RCU, we just
destroy the page allocation. So an anon_vma can get _re-allocated_ for
another page (without being destroyed), concurrently with somebody
optimistically being busy with that same anon_vma that they got through
that optimistic 'page_lock_anon_vma()' thing.
So if we were to just set the lock, we might actually be messing with
something that is still actively used by the previous page that was
unmapped concurrently and still being accessed by try_to_unmap_anon. So
even though we allocated a "new" anon_vma, it might still be busy.
Yes? No?
That thing really is too subtle for words. But if that's actually what you
are alluding to, then doesn't that mean that we _really_ should be doing
that "spin_lock(&anon_vma->lock)" even for the first allocation, and that
the current code is broken? Because otherwise that other concurrent user
that found the stale vma through page_lock_anon_vma() will now try to
follow the linked list and _think_ it's stable (thanks to the lock), but
we're actually inserting entries into it without holding any locks at all.
But I'm hoping I actually am totally *not* understanding what you meant,
and am actually just terminally confused.
Hugh, this is very much your code. Can you please tell me I'm really
confused here, and un-confuse me. Pretty please?
Linus
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2008-10-18 2:11 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-10-16 4:10 Nick Piggin
2008-10-17 22:14 ` Hugh Dickins
2008-10-17 23:05 ` Linus Torvalds
2008-10-18 0:13 ` Hugh Dickins
2008-10-18 0:25 ` Linus Torvalds
2008-10-18 1:53 ` Nick Piggin
2008-10-18 2:50 ` Paul Mackerras
2008-10-18 2:57 ` Linus Torvalds
2008-10-18 5:49 ` Nick Piggin
2008-10-18 10:49 ` Paul Mackerras
2008-10-18 17:00 ` Linus Torvalds
2008-10-18 18:44 ` Matthew Wilcox
2008-10-19 2:54 ` Nick Piggin
2008-10-19 2:53 ` Nick Piggin
2008-10-17 23:13 ` Peter Zijlstra
2008-10-17 23:53 ` Linus Torvalds
2008-10-18 0:42 ` Linus Torvalds
2008-10-18 1:08 ` Linus Torvalds
2008-10-18 1:32 ` Nick Piggin
2008-10-18 2:11 ` Linus Torvalds [this message]
2008-10-18 2:25 ` Nick Piggin
2008-10-18 2:35 ` Nick Piggin
2008-10-18 2:53 ` Linus Torvalds
2008-10-18 5:20 ` Nick Piggin
2008-10-18 10:38 ` Peter Zijlstra
2008-10-19 9:52 ` Hugh Dickins
2008-10-19 10:51 ` Peter Zijlstra
2008-10-19 12:39 ` Hugh Dickins
2008-10-19 18:25 ` Linus Torvalds
2008-10-19 18:45 ` Peter Zijlstra
2008-10-19 19:00 ` Hugh Dickins
2008-10-20 4:03 ` Hugh Dickins
2008-10-20 15:17 ` Linus Torvalds
2008-10-20 18:21 ` Hugh Dickins
2008-10-21 2:56 ` Nick Piggin
2008-10-21 3:25 ` Linus Torvalds
2008-10-21 4:33 ` Nick Piggin
2008-10-21 12:58 ` Hugh Dickins
2008-10-21 15:59 ` Christoph Lameter
2008-10-22 9:29 ` Nick Piggin
2008-10-21 4:34 ` Nick Piggin
2008-10-21 13:55 ` Hugh Dickins
2008-10-21 2:44 ` Nick Piggin
2008-10-18 19:14 ` Hugh Dickins
2008-10-19 3:03 ` Nick Piggin
2008-10-19 7:07 ` Hugh Dickins
2008-10-20 3:26 ` Hugh Dickins
2008-10-21 2:45 ` Nick Piggin
2008-10-19 1:13 ` Hugh Dickins
2008-10-19 2:41 ` Nick Piggin
2008-10-19 9:45 ` Hugh Dickins
2008-10-21 3:59 ` Nick Piggin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LFD.2.00.0810171846180.3438@nehalem.linux-foundation.org \
--to=torvalds@linux-foundation.org \
--cc=a.p.zijlstra@chello.nl \
--cc=hugh@veritas.com \
--cc=linux-mm@kvack.org \
--cc=npiggin@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox