Subject: Re: [PATCH] mm/sparse: Fix race on mem_section->usage in pfn walkers
From: Muchun Song
Date: Tue, 21 Apr 2026 20:55:16 +0800
To: "David Hildenbrand (Arm)"
Cc: Muchun Song, Andrew Morton, Oscar Salvador, Charan Teja Kalla,
 Kairui Song, Qi Zheng, Shakeel Butt, Barry Song, Axel Rasmussen,
 Yuanchu Xie, Wei Xu, Lorenzo Stoakes, "Liam R. Howlett", Vlastimil Babka,
 Mike Rapoport, Suren Baghdasaryan, Michal Hocko, linux-mm@kvack.org,
 linux-kernel@vger.kernel.org, linux-cxl@vger.kernel.org

> On Apr 21, 2026, at 19:21, David Hildenbrand (Arm) wrote:
>
> On 4/15/26 11:20, Muchun Song wrote:
>>
>>
>>> On Apr 15, 2026, at 16:04, David Hildenbrand (Arm) wrote:
>>>
>>> On 4/15/26 04:23, Muchun Song wrote:
>>>> When memory is hot-removed, section_deactivate() can tear down
>>>> mem_section->usage while concurrent pfn walkers still inspect the
>>>> subsection map via pfn_section_valid() or pfn_section_first_valid().
>>>
>>> I'll note that it's all racy either way: someone checking pfn_valid() /
>>> pfn_to_online_page() can race with concurrent unplug.
>>
>> Agree. When I first saw the commit message for 5ec8e8ea8b77, I was curious
>> because the goal of this commit was to fix an access issue with ms->usage.
>> Looking at the race diagram, I realized that while this only addresses the
>> ->usage access, subsequent accesses to struct page will still be problematic.
>> It's just that the former issue happened to be triggered first in this specific
>> commit.
>>
>>>
>>> We've known that for years; it's hard to fix; it never ever triggers :)
>>
>> Glad to know my analysis wasn't off! It seems I've just stumbled upon a
>> 'well-known secret' within the community. :)
>
> Heh, yes.
>
>>
>>>
>>> So is this really worth it, when we should in fact, work on protecting
>>> the users of pfn_valid() / pfn_to_online_page() with rcu or similar?
>>
>> I am not sure if it is worth fixing, especially since I just realized the
>> community has been aware of this issue for many years. If we do decide to
>> fix it, I think the most straightforward approach would be to protect it
>> using RCU, something like:
>>
>> # the user side of pfn_to_online_page():
>> rcu_read_lock();
>> page = pfn_to_online_page();
>> if (!get_page_unless_zero(page))
>> 	goto out_unlock;
>> rcu_read_unlock();
>
>
> Right, but we'd have to protect against the sections being marked as
> offline as well here, though. So against a pure concurrent offline_pages().

Right.

>
> If you're looking for a project, this is really one worth doing! :)
>

Initially, I wasn't sure if this issue was worth fixing, but it seems we
are moving in the right direction. I'll give it some more thought in my
spare time.

>
> pfn_to_online_page() is more in need for protection than pfn_valid() I
> think.

Agree.

Muchun,
Thanks.

>
> --
> Cheers,
>
> David
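
Added example, not part of the original message and not kernel code: a single-threaded C model of the interleaving discussed in this thread, where a pfn walker looks up a page, offline and hot-remove run, and the walker then tries to pin the page. All `model_*` names are hypothetical, and the model assumes that offlining leaves the page with a zero refcount and that memmap teardown is deferred until every reader has left its read-side section.

```c
#include <stdbool.h>
#include <stddef.h>
/* Constructed single-threaded model (not kernel code): one section, one page. */
struct page { int refcount; };          /* 0 = free, >= 1 = in use */
static struct page storage, *memmap;    /* memmap == NULL once torn down */
static bool online, teardown_pending;   /* pending = grace period not yet over */
static int readers;                     /* stand-in for rcu_read_lock() nesting */
static void model_reset(void)
{
	storage.refcount = 1; memmap = &storage;
	online = true; teardown_pending = false; readers = 0;
}
static void model_read_lock(void) { readers++; }
static void model_read_unlock(void)
{
	if (--readers == 0 && teardown_pending) {   /* grace period ends here */
		memmap = NULL;
		teardown_pending = false;
	}
}
static struct page *model_pfn_to_online_page(void) { return online ? memmap : NULL; }
static bool model_get_page_unless_zero(struct page *p)
{
	return p->refcount > 0 && ++p->refcount;    /* pin only a page still in use */
}
/* Offline plus hot-remove; refuses while a walker holds a page reference. */
static bool model_offline_and_remove(void)
{
	if (!memmap || memmap->refcount > 1)
		return false;
	memmap->refcount = 0;                       /* page is no longer in use */
	online = false;                             /* section marked offline */
	teardown_pending = readers > 0;             /* memmap must outlive readers */
	if (!teardown_pending)
		memmap = NULL;
	return true;
}
/* Lookup, then offline, then pin attempt; true if the stale pointer stayed backed. */
static bool race_is_safe(void)
{
	model_reset();
	model_read_lock();
	struct page *p = model_pfn_to_online_page();
	bool removed = model_offline_and_remove();
	bool backed = (p == memmap);                /* not torn down under the reader */
	bool pinned = backed && model_get_page_unless_zero(p);
	model_read_unlock();
	return removed && backed && !pinned && memmap == NULL;
}
int main(void) { return race_is_safe() ? 0 : 1; }
```

In the model the online check and the pin attempt sit in the same read-side section, so a concurrent offline either fails because the page is already pinned or is observed by the walker as a failed pin on memory that is still backed.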