On Tue, Oct 24, 2023 at 09:32:44AM -0700, Hugh Dickins wrote:
> On Tue, 24 Oct 2023, Liam R. Howlett wrote:
>
> > * Hugh Dickins <hughd@xxxxxxxxxx> [231024 02:50]:
> > > mm-unstable commit edd33b8807a1 ("mempolicy: migration attempt to match
> > > interleave nodes") added a second vma_iter search to do_mbind(), to
> > > determine the interleave index to be used in the MPOL_INTERLEAVE case.
> > >
> > > But sadly it added it just after the mmap_write_unlock(), leaving this
> > > new VMA search unprotected: and so syzbot reports suspicious RCU usage
> > > from lib/maple_tree.c:856.
> > >
> > > This could be fixed with an rcu_read_lock/unlock() pair (per Liam);
> > > but since we have been relying on the mmap_lock up to this point, it's
> > > slightly better to extend it over the new search too, for a well-defined
> > > result consistent with the policy this mbind() is establishing (rather
> > > than whatever might follow once the mmap_lock is dropped).
> >
> > Would downgrading the lock work? It would avoid the potential writing
> > issue and should still satisfy lockdep.
>
> Downgrading the lock would work, but it would be a pointless complication.
I tend to agree. It's also becoming far less important these days
with the vast majority of page faults handled under the per-VMA lock.
We might be able to turn it into a mutex instead of an rwsem without
seeing a noticable drop-off in performance. Not volunteering to try this.
