From: Andrea Arcangeli <aarcange@redhat.com>
To: "Kirill A. Shutemov" <kirill@shutemov.name>
Cc: linux-mm@kvack.org
Subject: Re: THP race?
Date: Tue, 23 Feb 2016 19:06:09 +0100 [thread overview]
Message-ID: <20160223180609.GC23289@redhat.com> (raw)
In-Reply-To: <20160223154950.GA22449@node.shutemov.name>
On Tue, Feb 23, 2016 at 06:49:50PM +0300, Kirill A. Shutemov wrote:
> Hi Andrea,
>
> I suspect there's race with THP in __handle_mm_fault(). It's pure
> theoretical and race window is small, but..
>
> Consider following scenario:
>
> - THP got allocated by other thread just before "pmd_none() &&
> __pte_alloc()" check, so pmd_none() is false and we don't
> allocate the page table.
>
> - But before pmd_trans_huge() check the page got unmap by
> MADV_DONTNEED in other thread.
>
> - At this point we will call pte_offset_map() for pmd which is
> pmd_none().
>
> Nothing pleasant would happen after this...
>
> Do you see anything what would prevent this scenario?
No so I think we need s/pmd_trans_huge/pmd_trans_unstable/ and use the
atomic read in C to sort this out lockless. The MADV_DONTNEED part
that isn't holding the mmap_sem for writing unfortunately wasn't
sorted out immediately, that was unexpected in
fact. pmd_trans_unstable() was introduced precisely to handle this
trouble caused by MADV_DONTNEED running with the mmap_sem only for
reading which causes infinite possible transactions back and forth
between none and transhuge while holding only the mmap_sem for
reading.
==
next prev parent reply other threads:[~2016-02-23 18:06 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-23 15:49 THP race? Kirill A. Shutemov
2016-02-23 18:06 ` Andrea Arcangeli [this message]
2016-02-23 18:18 ` [PATCH 1/1] mm: thp: fix SMP race condition between THP page fault kbuild test robot
2016-02-23 18:21 ` kbuild test robot
2016-02-23 18:27 ` kbuild test robot
2016-02-23 18:38 ` THP race? Kirill A. Shutemov
2016-02-23 19:28 ` Andrea Arcangeli
2016-02-25 18:45 ` Dan Williams
2016-02-26 10:37 ` Kirill A. Shutemov
2016-02-26 14:46 ` Dan Williams
2016-02-23 18:49 ` [PATCH 0/1] " Andrea Arcangeli
2016-02-23 18:49 ` [PATCH 1/1] mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED Andrea Arcangeli
2016-02-23 21:18 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160223180609.GC23289@redhat.com \
--to=aarcange@redhat.com \
--cc=kirill@shutemov.name \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.