Re: [git pull] vfs.git bits and pieces

From: Al Viro
Date: Wed Nov 20 2013 - 17:16:46 EST

Next message: Joe Perches: "Re: [git pull] vfs.git bits and pieces"
Previous message: David Miller: "Re: [PATCH RFC v1 0/7] net: phy: Ethernet PHY powerdownoptimization"
In reply to: Al Viro: "Re: [git pull] vfs.git bits and pieces"
Next in thread: Joe Perches: "Re: [git pull] vfs.git bits and pieces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 20, 2013 at 05:47:12PM +0000, Al Viro wrote:
> On Wed, Nov 20, 2013 at 05:42:11PM +0000, Al Viro wrote:
> > [Apologies for delay; I'd spent the last day hunting down something that
> > turned out to be a VM leak completely unrelated to this stuff - it's
> > present in mainline, for starters. Unreliable reproducers make for fun
> > bisects ;-/ Anyway, by now I'm absolutely sure that this is a VM bug and
> > not something I had somehow managed to break, so...]
>
> BTW, something odd happened to mm/memory.c - either a mangled patch
> or a lost followup. Take a look at the last commit in there:
> commit ea1e7ed33708c7a760419ff9ded0a6cb90586a50
> Author: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Date: Thu Nov 14 14:31:53 2013 -0800
>
> mm: create a separate slab for page->ptl allocation
>
> If DEBUG_SPINLOCK and DEBUG_LOCK_ALLOC are enabled spinlock_t on x86_64
> is 72 bytes. For page->ptl they will be allocated from kmalloc-96 slab,
> so we loose 24 on each. An average system can easily allocate few tens
> thousands of page->ptl and overhead is significant.
>
> Let's create a separate slab for page->ptl allocation to solve this.
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Cc: Peter Zijlstra <peterz@xxxxxxxxxxxxx>
> Cc: Ingo Molnar <mingo@xxxxxxx>
> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
>
> Fair enough, and yes, it does create that separate slab. The problem is,
> it's still using kmalloc/kfree for those beasts - page_ptl_cachep isn't
> used at all...

While digging in the same area:

Wrong page freed on preallocate_pmds() failure exit

Note that pmds[i] is simply uninitialized at that point...
Granted, it's very hard to hit (you need split page locks
*and* kmalloc(sizeof(spinlock_t), GFP_KERNEL) failing),
but the code is obviously bogus.

Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
---
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
index a7cccb6d..36aa999 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
@@ -209,7 +209,7 @@ static int preallocate_pmds(pmd_t *pmds[])
if (!pmd)
failed = true;
if (pmd && !pgtable_pmd_page_ctor(virt_to_page(pmd))) {
- free_page((unsigned long)pmds[i]);
+ free_page((unsigned long)pmd);
pmd = NULL;
failed = true;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Joe Perches: "Re: [git pull] vfs.git bits and pieces"
Previous message: David Miller: "Re: [PATCH RFC v1 0/7] net: phy: Ethernet PHY powerdownoptimization"
In reply to: Al Viro: "Re: [git pull] vfs.git bits and pieces"
Next in thread: Joe Perches: "Re: [git pull] vfs.git bits and pieces"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]