Re: [PATCH] mm/shmem: use invalidate_lock to fix hole-punch race

Next message: Alec Brown: "RE: [PATCH 4/4] tpm: Move TPM common base definitions to the command header"
Previous message: pr-tracker-bot: "Re: [GIT PULL] ACPI support fix for v7.0-rc6"
In reply to: Pedro Falcato: "Re: [PATCH] mm/shmem: use invalidate_lock to fix hole-punch race"
Next in thread: Gregory Price: "Re: [PATCH] mm/shmem: use invalidate_lock to fix hole-punch race"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Gregory Price

Date: Thu Mar 26 2026 - 15:54:31 EST

On Thu, Mar 26, 2026 at 07:16:05PM +0000, Pedro Falcato wrote:
>
> Sure, but can child - parent happen when traversing the i_mmap tree? I don't
> think so? (in mm/mmap.c)
> /* insert tmp into the share list, just after mpnt */
> vma_interval_tree_insert_after(tmp, mpnt,
> &mapping->i_mmap);
>
> The function itself is somewhat straightforward - find the leftmost node at the
> right of 'prev' (our parent) and link ourselves. So an in-order traversal should
> always go parent - child. Unless there's some awful tree rotation that can
> happen and screw us in the meanwhile.
>

hm, i think you're right, i have this inverted.

But this patch objectively fixed my issue, I no longer see this BUG(),
I don't get softlocks, and I don't get the guest corruption I was seeing
previously. It could simply be that the contention added makes the race
less likely.

Let me dig into this and just smoke test your suggestion - but I think
your patch would cause some contention issues on unmaps.

It's been difficult to generate a reproducer for this without running
hundreds of VMs, whatever race is going on here is extremely narrow.

>
> If this is broken, then every filesystem out there using filemap_fault() and
> filemap_fault_around() has to be broken, and I hope that's not true :p
>

Me too, but i never rule anything out.

~Gregory