From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA86DC433F5 for ; Tue, 12 Apr 2022 17:03:16 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4A1E06B0072; Tue, 12 Apr 2022 13:03:16 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 428A16B0073; Tue, 12 Apr 2022 13:03:16 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 27C5C6B0074; Tue, 12 Apr 2022 13:03:16 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.a.hostedemail.com [64.99.140.24]) by kanga.kvack.org (Postfix) with ESMTP id 12EE46B0072 for ; Tue, 12 Apr 2022 13:03:16 -0400 (EDT) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id CF67524D2C for ; Tue, 12 Apr 2022 17:03:15 +0000 (UTC) X-FDA: 79348847550.08.A0C539D Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf19.hostedemail.com (Postfix) with ESMTP id EBD2A1A0011 for ; Tue, 12 Apr 2022 17:03:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1649782994; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aJnqd5OLUuO1wuqKum2XiCzy6QcFrih6opRw+UalRwo=; b=KOVyBbQyRVfgfioAapBUsG7Gasx9e5VJXX36BfbrGdh7Njg5SACTftrcos+8vnFP4wbxeq TBrQgl+s20srBq6E6S//2CRwNIocgE/vp4TLyoxaBWGC3mAqFtEUv0N2oJwetMky8GBwCf JLdSOE8Li3S+/L829FF1jIoriP8lgUA= Received: from mail-qt1-f197.google.com (mail-qt1-f197.google.com [209.85.160.197]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-124-GzgoiuyzOBupS62p9DfZeA-1; Tue, 12 Apr 2022 13:03:13 -0400 X-MC-Unique: GzgoiuyzOBupS62p9DfZeA-1 Received: by mail-qt1-f197.google.com with SMTP id m20-20020a05622a119400b002ef68184e7fso3354745qtk.15 for ; Tue, 12 Apr 2022 10:03:13 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent:subject :content-language:to:cc:references:from:in-reply-to :content-transfer-encoding; bh=aJnqd5OLUuO1wuqKum2XiCzy6QcFrih6opRw+UalRwo=; b=Q0YuImRLIHFI4E60tTXK/1q9CKzT4OrUubPq4/rIQmQvuc+XG83fpZ436VVk/6l3h3 MYcLTxCOerdfCDaqmNBZCez/2qsKM1SygjXiN3I5gPKPWeUEC3hYJwmGe9yo9tyym+02 A/yKJSViWa2ptEAkdbaeP5Ud0WZzg9wuoBd8XxljT7U5XDtl3vBzb9SHlQ2KYnQdz0V6 Jo05XW+11xFVD3MT98tLVOT3FbJYQJwISB9I9jMd2BqTfAgQTq/4tVSvSi6E7wd5aVd2 +VzlEyDmOJ1GyGnU1cQSB+//c7nbR9CALsCPr0seHRyQSWeLRA35q0u9a+zfyDHtfgUl 5ezw== X-Gm-Message-State: AOAM533iVX+LoDCiwVmubuiUn/G619E+bCN7qn0VJtRrPmJWzdRbgXu9 oLZZxroSpsLQtLNsAMxWhZRZTqmy/KrFKTjVsaCI7SJB40j2svWiOcOfOyyLVjdtEt81uIs7t9O c0Bt1NvcGXXI= X-Received: by 2002:a05:6214:20e6:b0:443:58b7:6f5e with SMTP id 6-20020a05621420e600b0044358b76f5emr31485082qvk.120.1649782992803; Tue, 12 Apr 2022 10:03:12 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzdg5KZQe62/znwgWYn/y2eSNTlf6NeAEDFTRvzLHc0PSUqVGhSfmtNCwgLAZfPvgnWJu+0Ww== X-Received: by 2002:a05:6214:20e6:b0:443:58b7:6f5e with SMTP id 6-20020a05621420e600b0044358b76f5emr31485038qvk.120.1649782992415; Tue, 12 Apr 2022 10:03:12 -0700 (PDT) Received: from [192.168.0.188] ([24.48.139.231]) by smtp.gmail.com with ESMTPSA id c134-20020ae9ed8c000000b0069bf8f9cfb2sm6474764qkg.118.2022.04.12.10.03.10 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 12 Apr 2022 10:03:11 -0700 (PDT) Message-ID: Date: Tue, 12 Apr 2022 13:03:09 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 Subject: Re: [PATCH v8] oom_kill.c: futex: Don't OOM reap the VMA containing the robust_list_head To: Thomas Gleixner , Peter Zijlstra Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, Rafael Aquini , Waiman Long , Baoquan He , Christoph von Recklinghausen , Don Dutile , "Herton R . Krzesinski" , David Rientjes , Michal Hocko , Andrea Arcangeli , Andrew Morton , Davidlohr Bueso , Ingo Molnar , Joel Savitz , Darren Hart , stable@kernel.org References: <20220408032809.3696798-1-npache@redhat.com> <20220408081549.GM2731@worktop.programming.kicks-ass.net> <87k0bzk7e5.ffs@tglx> <1a7944c7-d717-d5af-f71d-92326f7bb7f6@redhat.com> <87h76yff3b.ffs@tglx> From: Nico Pache In-Reply-To: <87h76yff3b.ffs@tglx> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: EBD2A1A0011 X-Stat-Signature: 35u8xj75764gue5z4fw85to73t4d9ub8 Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=KOVyBbQy; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf19.hostedemail.com: domain of npache@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=npache@redhat.com X-Rspam-User: X-HE-Tag: 1649782994-166365 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000018, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 4/12/22 12:20, Thomas Gleixner wrote: > On Mon, Apr 11 2022 at 19:51, Nico Pache wrote: >> On 4/8/22 09:54, Thomas Gleixner wrote: >>> The below reproduces the problem nicely, i.e. the lock() in the parent >>> times out. So why would the OOM killer fail to cause the same problem >>> when it reaps the private anon mapping where the private futex sits? >>> >>> If you revert the lock order in the child the robust muck works. >> >> Thanks for the reproducer Thomas :) >> >> I think I need to re-up my knowledge around COW and how it effects >> that stack. There are increased oddities when you add the pthread >> library that I cant fully wrap my head around at the moment. > > The pthread library functions are just conveniance so I did not have to > hand code the futex and robust list handling. > >> My confusion lies in how the parent/child share a robust list here, but they >> obviously do. In my mind the mut_s would be different in the child/parent after >> the fork and pthread_mutex_init (and friends) are done in the child. > > They don't share a robust list, each thread has it's own. > > The shared mutex mut_s is initialized in the parent before fork and it's > the same address in the child and it's not COWed because the mapping is > MAP_SHARED. > > The child allocates private memory and initializes the private mutex in > that private mapping. > > So now child does: > > pthread_mutex_lock(mut_s); > > That's the mutex in the memory shared with the parent. After that the > childs robusts list head points to mut_s::robust_list. > > Now it does: > > pthread_mutex_lock(mut_p); > > after that the childs robust list head points to mut_p::robust_list and > mut_p::robust_list points to mut_s::robust_list. > > So now the child unmaps the private memory and exists. > > The kernel tries to walk the robust list pointer and faults when trying > to access mut_p. End of walk and mut_s stays locked. > > So now think about the OOM case. The killed process has a shared mapping > with some other unrelated process (file, shmem) where mut_p sits. > > It gets killed after: > pthread_mutex_lock(mut_s); > pthread_mutex_lock(mut_p); > > So the OOM reaper rips the VMA which contains mut_p and therefore breaks > the chain which is necessary to reach mut_p. > > See? Yes, thank you for the detailed explanation, the missing piece just clicked in my head :) Cheers, -- Nico > > Thanks, > > tglx > > >